Steps to reproduce: 1. Go to http://sourceforge.net/projects/sarg/files/sarg/sarg-2.3.1/sarg-2.3.1.tar.gz/download 2. Attempt to download 3. Squid will display error page saying "The requested URL could not be retrieved" and "The HTTP Response message received from the contacted server could not be understood or was otherwise malformed. Please contact the site operator." cache.log contains the error below: 2011/04/27 11:53:25| WARNING: HTTP: Invalid Response: Bad header encountered from http://downloads.sourceforge.net/project/sarg/sarg/sarg-2.3.1/sarg-2.3.1.tar.gz?r=&ts=1303923196&use_mirror=cdnetworks-us-1 AKA downloads.sourceforge.net/project/sarg/sarg/sarg-2.3.1/sarg-2.3.1.tar.gz?r=&ts=1303923196&use_mirror=cdnetworks-us-1 2011/04/27 11:53:25| ctx: enter level 0: 'http://downloads.sourceforge.net/project/sarg/sarg/sarg-2.3.1/sarg-2.3.1.tar.gz?r=&ts=1303923196&use_mirror=cdnetworks-us-1' 2011/04/27 11:53:25| WARNING: HTTP header contains NULL characters {Access-Control-Allow-Origin: * X-Powered-By: PHP/5.2.9 Content-Disposition: attachment; filename="sarg-2.3.1.tar.gz} NULL {Access-Control-Allow-Origin: * X-Powered-By: PHP/5.2.9 Content-Disposition: attachment; filename="sarg-2.3.1.tar.gz 2011/04/27 11:53:25| ctx: exit level 0 Here is a squid -v Squid Cache: Version 3.1.12.1 configure options: 'CHOST=i686-pc-linux-gnu' 'CFLAGS=-march=prescott -O2 -pipe -fomit-frame-pointer' 'CXXFLAGS=' '--prefix=/usr' '--includedir=/include' '--mandir=/share/man' '--infodir=/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--libexecdir=/lib/squid3' '--disable-maintainer-mode' '--disable-dependency-tracking' '--disable-silent-rules' '--srcdir=.' '--datadir=/usr/share/squid3' '--sysconfdir=/etc/squid3' '--mandir=/usr/share/man' '--enable-inline' '--enable-async-io=8' '--with-cppunit-basedir=/usr' '--enable-storeio=ufs,aufs,diskd' '--enable-removal-policies=heap' '--enable-delay-pools' '--enable-cache-digests' '--enable-icap-client' '--enable-underscore' '--enable-follow-x-forwarded-for' '--enable-auth=basic,digest,ntlm,negotiate' '--enable-basic-auth-helpers=LDAP,MSNT,NCSA,PAM,YP,getpwnam,multi-domain-NTLM' '--enable-digest-auth-helpers=ldap,password' '--enable-negotiate-auth-helpers=squid_kerb_auth' '--enable-external-acl-helpers=ip_user,ldap_group,session,unix_group,wbinfo_group' '--enable-snmp' '--enable-epoll' '--with-large-files--with-filedescriptors=65536' '--enable-arp-acl' '--enable-zph-qos' '--enable-esi' '--with-logdir=/var/log/squid3' '--with-pidfile=/var/run/squid3.pid' '--with-filedescriptors=65536' '--with-large-files' '--enable-linux-netfilter' '--with-default-user=proxy' --with-squid=/opt/squid-3.1.12.1 Sourceforge is not the only website that does it, not all websites do it, but some. So far all affected websites have been affected in the header line "Content-Disposition". I also have wireshark captures from a machine running outside squid and one running inside. Any help with this issue would be appreciated. Thank you.