Support for ZSTD Encoding

Last updated
Save as PDF

Overview

The latest Chrome version 123 supports a new encoding format, Zstd. The browser sends the supported encoding details as part of the accept encoding header to the web server, and if the server supports these encodings, it will send the data by encoding it in the format supported. Currently, SWG supports deflate, gzip, and brotli content encoding and does not support the decoding of Zstd content. This allows SWG to decode the data sent by the server if it is presented in the supported encoding formats and do content inspection.

Users who upgrade to the latest version of Chrome (123 onwards) might face issues when doing content inspection when visiting sites that support and select the Zstd encoding when the client advertises its support for this encoding. This would impact features that depend on inspection of the data transferred for these sites, e.g., media type, antivirus, etc. At present, the issue is only observed with Google and Facebook sites that have adopted Zstd for content encoding.

Workaround

We have provided a rule set exported to an XML file as a workaround. Follow the below-mentioned steps to add an XML file.

Enable the HTTP Scanning checkbox and click Unlock View.

Click Yes to confirm Unlock View.
Go to Ruleset > Add > Rule Set from Library.
In the Add from Rule Set Library page, click Import from file.

Rule set exported to an XML file.
Download the XML file.
Click Browse to import the XML file.

Click OK.
Click Save Changes to accept the encoding header.

Final solution

SWG will be enhanced to support Zstd encoding. Communication will be sent via "Skyhigh Connect", where reference for implementation will be available in release notes.