Avast blocked http2

Hello, why avast block me a http2 connexion ? I wanted to connect to www.restapi.fr and, avast send me this message :

Unknown ALPN Protocol, expected h2 to be available
If this is a HTTP request: The server was not configured with the allowHTTP1 option or a listener for the unknownProtocol event.

Thank you !

Hi linhee,

Alors, …

I do not see any problems there, nor with Virus Total result for address and IP relations.
Neither here: https://sitereport.netcraft.com/?url=https://www.restapi.fr

Nor with GET -https://restapi.fr/api/blog/5e16e37846e3e328c19cb656?delay=3

Quick Source review oversight:

HTML
www.restapi.fr/
16,916 bytes, 220 nodes

Javascript 6 (external 0, inline 6)
INLINE: self[‘tp_jgWluPUXPfX_func’] = function(frame){ if (frame === null) { co
3,872 bytes

INLINE: self[‘tp_JlkomuYIPMS_func’] = function(frame){ if (frame === null) { co
2,186 bytes

INLINE: self[‘tp_ZbDxKAJZRwd_func’] = function(frame){ if (frame === null) { co
2,614 bytes

INLINE: self[‘tp_ptZcxWEUaHO_func’] = function(frame){ if (frame === null) { co
2,424 bytes

INLINE: self[‘tp_bmpPOpikxYV_func’] = function(frame){ if (frame === null) { co
5,409 bytes

INLINE: /* * This entire block is wrapped in an IIFE to prevent polluting the scope of
412,307 bytes

CSS 4 (external 0, inline 4)
INLINE: -a.gootranslink:link {color: #0000FF !important; text-decoration: underline !impo
2,944 bytes INJECTED

INLINE: .BDTLL_icon_ok { background-image: url(data:image/png;base64,iVBORw0KGgoAAAA
26,787 bytes INJECTED

INLINE: .BDTLL_status { cursor: pointer; display: inline; margin-right: 3px;
117 bytes INJECTED

INLINE: -a.gootranslink:link {color: #0000FF !important; text-decoration: underline !impo
2,944 bytes INJECTED

Avast Online Security does not block,
JavaScript error on website

SyntaxError: Invalid regular expression flags
eval ()()
:3:100()
Object.N [as F_c] (:2:148)()
Object.E_u (:3:274)()
Ka (eval at exec_fn (:1:157), :61:375)()
Object.create (eval at exec_fn (:1:157), :73:235)()
L (eval at exec_fn (:1:157), :12:208)()

Probably you might have experienced a networking hick-up, report such an FP to avast from inside the software.

Je vous souhait bonne année 2021,

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error hunter)

Bonjour,

Je ne parviens pas à visiter le site sans devoir désactiver le core shield d’avast => https://image.noelshack.com/fichiers/2020/53/2/1609233688-screen-shot-2020-12-28-at-17-56-57.png

Apparemment leur serveur n’accepte pas le http1.1 mais tout est à jour chez moi… Pourquoi aie-je ce souci ?

English :

I can’t visit the site without disabling the avast core shield => https://image.noelshack.com/fichiers/2020/53/2/1609233688-screen-shot-2020-12-28-at-17-56-57.png

Their server does not accept http1.1 but everything is up to date… Why do I have this problem ?

Thank you et bonne année également.

Hi lynhee,

You could find an answer here: @stackoverflow.com.

70,5% of browsers now support HTTP/2. But new, and there are browsers that only support HTTP/1.x and many servers that support the latter also. A client can use an upgrade mechanism to negotiate a proper protocol to communicate with the server. But a browser that supports HTTP/2 also supports HTTP/1.1 Server will see a connection preface but will not recognize the PRI method. What the server exactly will do under such circumstances depends on that server, like return a 400 bad request. Close the connection altogether is better or you end up with an internal server error. It is a bug for HTTP 1.1. parser server implementation, this parser should not panic. They (client and server) start the main communication after the protocol negotiation, your problem then should not exist. You are getting an unknown ALPN protocol message , expected 'h2' to be available. The server was not configured with the 'allowHTTP1' option.for the 'unknowProtocol'event.
See github for downgrade HTTP/2 to HTTP1 over HTTP9non-TLS0#26795 (info credits go to nwtgck & sbordet).

Hope this information may help you,

polonus