While hacking around on one of his recent PHP scripts, Ivo Jansch noticed something odd - a notice message that seemed to appear out of nowhere.

I thought 'Que?!', as I have not modified the code in class.atkoutput.inc in weeks, and certainly not tonight.

This code worked in all browsers, for years, without notices, because the HTTP_ACCEPT_ENCODING header is usually set for most major browsers.

He made a connection as to a probable cause - the error showed up when he had installed the Norton Internet Security software on his laptop. The firewall in this software was grabbing the header in the notice (the index for HTTP_ACCEPT_ENCODING in $_SERVER) and stripping it from the connection.

The (undocumented?) side effect is that with Norton Internet Security active, no page will be send gzipped. This is a performance penalty I think. They probably do it to be able to scan the text before it arrives in the browser (unzipping, scanning and rezipping would probably take too much time).