HTTP header to stop Google Chrome from using Data Saver to a particular web?

2,112 views
Skip to first unread message

Andryan Gouw

unread,
Apr 16, 2015, 10:16:19 PM4/16/15
to chromium...@chromium.org
Hello,

I posted this question to Google Chrome Help Forum but was told to ask here instead. :)

I'm wondering if there's a server-side method (from HTTP response header) to stop Google Chrome from using Data Saver proxy for a particular web site/server.  The idea behind this question is to allow transparent proxy's injection of some HTTP headers (like MSISDN forwarding) to identify user's services profile for a particular web site/server.


Cheers,
Andryan

PhistucK

unread,
Apr 17, 2015, 6:40:05 AM4/17/15
to and...@gmail.com, Chromium-discuss
If you serve the website using HTTPS, you 'bypass' the proxy and your users are more secure. :)


PhistucK

--
--
Chromium Discussion mailing list: chromium...@chromium.org
View archives, change email options, or unsubscribe:
http://groups.google.com/a/chromium.org/group/chromium-discuss

To unsubscribe from this group and stop receiving emails from it, send an email to chromium-discu...@chromium.org.

Andryan

unread,
Apr 17, 2015, 6:45:46 AM4/17/15
to PhistucK, Chromium-discuss
Hello,

That's true but that would also prohibit the HTTP header injection from happening and thus not accomplishing the objective. :)


Regards,
Andryan

Charles White

unread,
May 4, 2015, 7:39:13 AM5/4/15
to chromium...@chromium.org
I am also interested in this as header injection does not work over HTTPS

Andryan Gouw

unread,
Sep 18, 2015, 12:24:29 AM9/18/15
to Chromium-discuss
No way to achieve this, guys?

Yuta Kitamura

unread,
Sep 18, 2015, 1:06:37 AM9/18/15
to and...@gmail.com, Chromium-discuss
According to <https://developer.chrome.com/multidevice/data-compression>:

  • As a site owner, how do I opt-out from content optimization?
    Data compression proxy respects the standard Cache-Control: no-transform directive. Site owners can mark individual resources with this directive and the proxy will pass them through directly to the browser.

--

Andryan Gouw

unread,
Sep 18, 2015, 1:27:40 AM9/18/15
to Yuta Kitamura, Chromium-discuss
Ah, thank you!

I will try this to see if this option could be used to let Header Enrichment headers to work properly.


Cheers,
Andryan

Andryan Gouw

unread,
Sep 28, 2015, 4:10:28 AM9/28/15
to Chromium-discuss
Unfortunately as mentioned in http://stackoverflow.com/a/27804385, the Cache-Control: no-transform directive does not cause the browser to reexecute the HTTP request and therefore it's not a solution.

Alejandro Medero

unread,
Jan 6, 2017, 4:43:51 AM1/6/17
to Chromium-discuss
Andryan did you find a workaround for this without serving your website through https? we're facing the same exact issue.

Andryan Gouw

unread,
Jan 6, 2017, 6:10:32 AM1/6/17
to Chromium-discuss
Hi Alejandro,

Unfortunately no.  I gave up on this. :(

I guess there must be modification in the HTTP specs to achieve this.


Cheers,
Andryan


---
You received this message because you are subscribed to a topic in the Google Groups "Chromium-discuss" group.
To unsubscribe from this topic, visit https://groups.google.com/a/chromium.org/d/topic/chromium-discuss/okmqTgN-mLM/unsubscribe.
To unsubscribe from this group and all its topics, send an email to chromium-discuss+unsubscribe@chromium.org.

Amit Kulkarni

unread,
Jul 27, 2017, 3:13:02 AM7/27/17
to Chromium-discuss
Any Update ?

is there no way to bypass google chrome compression proxy ?
its causing issues in Header enrichment in MobilityServices - VAS.
To unsubscribe from this group and all its topics, send an email to chromium-discu...@chromium.org.

PhistucK

unread,
Jul 27, 2017, 3:21:49 AM7/27/17
to kulka...@gmail.com, Chromium-discuss
Yes - use HTTPS.


PhistucK

You received this message because you are subscribed to the Google Groups "Chromium-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-discuss+unsubscribe@chromium.org.

Amit Kulkarni

unread,
Jul 27, 2017, 3:23:59 AM7/27/17
to PhistucK, Chromium-discuss
Cant use https.

We r in Mobility VAS business , and most things works on header enrichment and ssl wont allow it.


To unsubscribe from this group and stop receiving emails from it, send an email to chromium-discu...@chromium.org.

--
Thanks & Regards ,
Amit Kulkarni

PhistucK

unread,
Jul 27, 2017, 3:51:49 AM7/27/17
to Amit Kulkarni, Chromium-discuss
Then I guess you cannot bypass it.
But perhaps detail the issue that you are experiencing and that might get fixed (probably at the proxy level and not at the browser level).


PhistucK

To unsubscribe from this group and stop receiving emails from it, send an email to chromium-discuss+unsubscribe@chromium.org.

Amit Kulkarni

unread,
Jul 27, 2017, 3:57:17 AM7/27/17
to PhistucK, Chromium-discuss
Issue is : Google Proxy Server only pass the IP in x-forwarded IP header.
but in reality there are lots of custom headers sent by Particular Telco.
like MSISDN, IMSI .

as google server is middleware between it, how  can we identify user and get those header details sent by telco to us?



Thanks & Regards ,
Amit Kulkarni

PhistucK

unread,
Jul 27, 2017, 4:05:50 AM7/27/17
to Amit Kulkarni, Chromium-discuss
Oh, so you are meeting the same problem as with SSL, basically.
The telcos (hopefully) do not touch the requests sent to the proxy, because it is secure, so they do not manipulate the headers.
I do not think there is a solution, other than telling your users to disable the proxy.


PhistucK

Matt Welsh

unread,
Aug 1, 2017, 1:59:19 AM8/1/17
to Chromium-discuss
Amit, I am the person to talk to about this. Please send me a direct email explaining your needs and I will be happy to discuss options.

Thanks,
Matt Welsh
Google

angus.k...@accedo.tv

unread,
Sep 30, 2017, 4:51:52 PM9/30/17
to Chromium-discuss
Hi Matt,

We too have the same issue with the telco adding headers if the mobile is on their network and using a web service from our system which is IP whitelisted by the Telco.

So anyway to stop Chrome  from doing this from the server end of things ?



webber

unread,
Oct 30, 2017, 7:34:20 AM10/30/17
to Chromium-discuss
Hi Matt,

We are also in trouble with this feature because it prevents  msisdn header enrichment from telecom operators.  Is there any way to stop data save mode for particular sites from server side, or is it possible for chrome to implement a similar feature as "Opera PaymentEnable v3" that makes both data save mode and header enrichment work well?

在 2017年8月1日星期二 UTC+8下午1:59:19,Matt Welsh写道:

webber

unread,
Oct 30, 2017, 7:55:17 AM10/30/17
to Chromium-discuss
Hi Matt,

We are also in trouble with this feature because it prevents msisdn header enrichment by teleco operators. Is there any way to disable data save mode for particular sites from server side, or is it possbile for chrome to implement a similar feature as "Opera Payment Enable v3" that could make both data save mode and header enrichment work well?


在 2017年8月1日星期二 UTC+8下午1:59:19,Matt Welsh写道:
Amit, I am the person to talk to about this. Please send me a direct email explaining your needs and I will be happy to discuss options.

Jovan Komnenovic

unread,
Dec 19, 2017, 4:56:58 AM12/19/17
to Chromium-discuss
Dear Matt, we are facing same issue for Ooredoo Oman VAS services. We see new Android 7+ Nugget Chrome UA is stripping of all enrichment in the header while other browsers eg like Firefox Q are not. Please share how to sort it out. My colleague serving Google CDN didnt get any update eg on diverting non Youtube HTTP traffic from your CDN to avoid such major change for our customers. Please advice.
Jovan Komnenovic
Section Head - PS Core, Data Services, Ooredoo Oman
 +96895103066
 

Via: 1.1 Chrome-Compression-Proxy

X-Forwarded-For: 188.66.131.xxx

Connection: keep-alive

User-Agent: Mozilla/5.0 (Linux; Android 7.0; SM-G955F Build/NRD90M) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.84 Mobile Safari/537.36

REMOTE_ADDR: 66.249.93.206


https://whois.arin.net/rest/net/NET-66-249-64-0-1/pft?s=66.249.93.206

Organization
Name        Google LLC
State/Province    CA
Postal Code     94043
Phone    +1-650-253-0000 (Office)
Email    arin-c...@google.com
https://whois.arin.net/rest/poc/ABUSE5250-ARIN.html
Phone    +1-650-253-0000 (Office)
Email    networ...@google.com

sathya ruggahavila

unread,
Oct 18, 2018, 1:57:52 AM10/18/18
to Chromium-discuss
Hi Matt
 we are facing the same issue. we are a vas provider for Srilankan telcos when a customer turn on data saver mode we are not getting MSISDN header. this only happened in on our servers on amazon. when we host the website in srilankan hosting provider(srilanka telecom) we are getting headers 

PhistucK

unread,
Oct 18, 2018, 2:00:31 AM10/18/18
to sath...@gmail.com, Chromium-discuss
Sounds like your Amazon hosting is not using HTTPS. If it did, the Data Saver mode would have not been applied to it.

PhistucK


You received this message because you are subscribed to the Google Groups "Chromium-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-discu...@chromium.org.

Torne (Richard Coles)

unread,
Oct 18, 2018, 11:53:52 AM10/18/18
to phis...@gmail.com, sath...@gmail.com, Chromium-discuss
PhistucK, these sites are generally relying on MITM header insertion for billing purposes: the cell network operator's transparent HTTP proxy injects account information into extra headers when communicating with partners who are allowed to do mobile billing/etc. This mechanism relies both on using unencrypted HTTP *and* on bypassing the data saver proxy (or any other kind of proxy) and many vendors still depend on this :(

They need to read https://developer.chrome.com/multidevice/data-compression-for-isps#proxy-bypass and get onto the blacklist, unfortunately.

PhistucK

unread,
Oct 18, 2018, 12:01:10 PM10/18/18
to Torne (Richard Coles), sathya ruggahavila, Chromium-discuss
Are there talks about solving this problem securely? This situation sounds really, really bad.

PhistucK

Torne (Richard Coles)

unread,
Oct 18, 2018, 12:20:30 PM10/18/18
to PhistucK, sathya ruggahavila, Chromium-discuss
I have no idea if the mobile billing industry has developed any replacement or not, or what the adoption would be. Ultimately that would be something that can only really be driven by the mobile operators themselves - even the businesses that are using the billing service would not have much say in the matter.

Torne (Richard Coles)

unread,
Oct 18, 2018, 12:21:19 PM10/18/18
to PhistucK, sathya ruggahavila, Chromium-discuss
Operators have been doing this kind of billing mechanism since the earliest days of the mobile web, when WAP was still a thing, so it's got a lot of inertia behind it.

PhistucK

unread,
Oct 18, 2018, 12:46:15 PM10/18/18
to Torne (Richard Coles), sathya ruggahavila, Chromium-discuss
Back then, HTTPS was not as encouraged or popular as it is today. Maybe it is time for browsers to push against this insecure, harmful "solution".

PhistucK

Matt Welsh

unread,
Oct 18, 2018, 12:47:38 PM10/18/18
to phis...@gmail.com, Torne (Richard Coles), sathya ruggahavila, Chromium-discuss
We (on Chrome) are working on a solution to this problem, no details to share just yet, but it is certainly on our radar.

Ivan Ivanov

unread,
Dec 2, 2018, 2:06:52 AM12/2/18
to Chromium-discuss, phis...@gmail.com, to...@chromium.org, sath...@gmail.com
Hi Matt, any update?

Julio Pardo

unread,
Jan 31, 2019, 1:41:47 AM1/31/19
to Chromium-discuss, phis...@gmail.com, to...@chromium.org, sath...@gmail.com
Hi Matt, any update of this problem?

Nana Osei

unread,
May 1, 2019, 2:40:00 AM5/1/19
to Chromium-discuss, phis...@gmail.com, to...@chromium.org, sath...@gmail.com
Hi Matt,
any update on this please?

Did you manage to get this done?

thanks
Nana
To unsubscribe from this group and stop receiving emails from it, send an email to chromium...@chromium.org.

--
--
Chromium Discussion mailing list: chromium...@chromium.org
View archives, change email options, or unsubscribe:
http://groups.google.com/a/chromium.org/group/chromium-discuss

--
--
Chromium Discussion mailing list: chromium...@chromium.org
View archives, change email options, or unsubscribe:
http://groups.google.com/a/chromium.org/group/chromium-discuss

---
You received this message because you are subscribed to a topic in the Google Groups "Chromium-discuss" group.
To unsubscribe from this topic, visit https://groups.google.com/a/chromium.org/d/topic/chromium-discuss/okmqTgN-mLM/unsubscribe.
To unsubscribe from this group and all its topics, send an email to chromium...@chromium.org.

Arif Nezami

unread,
May 29, 2019, 7:04:47 AM5/29/19
to Chromium-discuss, phis...@gmail.com, to...@chromium.org, sath...@gmail.com
Dear Matt,
Any solution of the save-data hampering telco header push? Looks like it is there for more than 3/4 years now.

To unsubscribe from this group and stop receiving emails from it, send an email to chromium...@chromium.org.

--
--
Chromium Discussion mailing list: chromium...@chromium.org
View archives, change email options, or unsubscribe:
http://groups.google.com/a/chromium.org/group/chromium-discuss

--
--
Chromium Discussion mailing list: chromium...@chromium.org
View archives, change email options, or unsubscribe:
http://groups.google.com/a/chromium.org/group/chromium-discuss

---
You received this message because you are subscribed to a topic in the Google Groups "Chromium-discuss" group.
To unsubscribe from this topic, visit https://groups.google.com/a/chromium.org/d/topic/chromium-discuss/okmqTgN-mLM/unsubscribe.
To unsubscribe from this group and all its topics, send an email to chromium...@chromium.org.

RAKESH CHAURASIA

unread,
Dec 5, 2019, 2:34:13 AM12/5/19
to Chromium-discuss, sath...@gmail.com
Hi Phistuck,

I am using the amazon server. Can you tell me one thing the Header enrichment will work with https (SSL) in chrome. will it bypass the msisdn if the datasaver mode is 'ON'.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium...@chromium.org.

RAKESH CHAURASIA

unread,
Dec 5, 2019, 4:29:50 AM12/5/19
to Chromium-discuss, sath...@gmail.com
Hi 

Please any one can help me for my query.

Thanks

To unsubscribe from this group and stop receiving emails from it, send an email to chromium-discu...@chromium.org.

PhistucK

unread,
Dec 5, 2019, 5:03:57 AM12/5/19
to rakesh.c...@nirmaltechs.com, Chromium-discuss, sathya ruggahavila
Your question is unclear to me, but in general, give people a day or two to answer before you ping.

PhistucK

RAKESH CHAURASIA

unread,
Dec 5, 2019, 5:13:15 AM12/5/19
to PhistucK, Chromium-discuss, sathya ruggahavila
Hi Phistuck

Apologize for it. I need your help and expertise on this issue bro.

my question is :-   i am trying to get header enrichment ( msisdn ) with HTTPS in google chrome browser 

with http link when we are doing data saver mode 'OFF' in handset then we are getting the msisdn in chrome browser but with data saver mode ON i am not getting the msisdn with http link.

Have you did this before with HTTPS to get the msisdn in header enrichment?

will HTTPS connection can bypass the datasaver mode??

waiting  for your valuable feedback

thanks

RAKESH CHAURASIA

unread,
Dec 5, 2019, 8:43:03 AM12/5/19
to PhistucK, Chromium-discuss, sathya ruggahavila
Hi PhistucK

Please suggest its urgent..

Please help !!

Thanks

PhistucK

unread,
Dec 5, 2019, 8:59:59 AM12/5/19
to RAKESH CHAURASIA, Chromium-discuss, sathya ruggahavila
Again, it is not fine to ping the thread so quickly. People have other stuff to do.
I have no answer.

PhistucK

Andryan Gouw

unread,
Dec 5, 2019, 9:29:38 AM12/5/19
to rakesh.c...@nirmaltechs.com, Chromium-discuss, PhistucK, sathya ruggahavila
Hi Rakesh,

It has been a while since I started this thread, but using HTTPS will avoid using Google's proxy servers but there is no way for you can inject Header Enrichment to HTTPS connections.

Perhaps there should be some agreement between the telcos and Google to allow Header Enrichment for the telco's mobile Chrome users on non-HTTPS sites.  One scenario that I explored was through the use of the HTTP header "Cache-Control: no-transform", but unfortunately with the current browser behavior, this header alone doesn't trigger a refresh/retry by the browser upon receiving this particular header, so it's impossible to achieve with the current state of everything.


Cheers,
Andryan

Torne (Richard Coles)

unread,
Dec 5, 2019, 11:34:20 AM12/5/19
to and...@gmail.com, rakesh.c...@nirmaltechs.com, Chromium-discuss, PhistucK, sathya ruggahavila
This is the case explained here: https://developer.chrome.com/multidevice/data-compression-for-isps#proxy-bypass
You should contact the network operator who is doing the header insertion for you - they likely already have URLs registered for proxy bypass and will need to add your URLs to the list.
Reply all
Reply to author
Forward
0 new messages