OK, more data in
<https://bugzilla.mozilla.org/show_bug.cgi?id=416178#c27> comes down to:
1) The firewall is filtering out anything that does not have a
Content-Type header string value of exactly
"application/x-www-form-urlencoded".
2) They'd really like to have a way of not sending a charset.
They claim to not have a way to modify the firewall configuration from
the above behavior, which I guess is no more surprising than any of a
variety of other hardcoded idiocies we've been encountering in HTTP
server behavior.
-Boris
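
An added example, not part of the message above and not code from Mozilla or from the firewall in question: it contrasts the exact-string Content-Type check described in point 1 with a filter that parses the media type and tolerates a charset parameter. The function names, the sample header values, the policy of allowing only a charset parameter, and the simplified parameter splitting (no ";" inside quoted values) are all assumptions made for illustration.

```javascript
const FORM_TYPE = "application/x-www-form-urlencoded";
const TOKEN = /^[!#$%&'*+.^_`|~0-9a-z-]+$/; // HTTP token characters, lowercase only

// The behaviour described in point 1: the whole header value must match exactly.
function exactMatchAllows(headerValue) {
  return headerValue === FORM_TYPE;
}

// Split a Content-Type value into a lowercased media type and its parameters.
// Returns null for values that are not syntactically valid.
function parseContentType(headerValue) {
  const [rawType, ...rawParams] = String(headerValue).split(";");
  const type = rawType.trim().toLowerCase();
  const [major, minor, ...extra] = type.split("/");
  if (extra.length || !TOKEN.test(major || "") || !TOKEN.test(minor || "")) return null;
  const params = new Map();
  for (const raw of rawParams) {
    if (raw.trim() === "") continue; // tolerate a trailing ";"
    const eq = raw.indexOf("=");
    if (eq < 1) return null;
    const name = raw.slice(0, eq).trim().toLowerCase();
    let value = raw.slice(eq + 1).trim();
    if (value.length >= 2 && value.startsWith('"') && value.endsWith('"')) value = value.slice(1, -1);
    if (!TOKEN.test(name)) return null;
    params.set(name, value);
  }
  return { type, params };
}

// Assumed policy: same media type, and no parameter other than charset.
function parameterAwareAllows(headerValue) {
  const parsed = parseContentType(headerValue);
  if (!parsed || parsed.type !== FORM_TYPE) return false;
  return [...parsed.params.keys()].every((name) => name === "charset");
}

// Constructed sample header values, not captured traffic.
const SAMPLES = [
  "application/x-www-form-urlencoded",
  "application/x-www-form-urlencoded; charset=UTF-8",
  'Application/X-WWW-Form-Urlencoded;charset="utf-8"',
  "application/x-www-form-urlencoded-extra",
  "text/plain; charset=UTF-8",
];

for (const value of SAMPLES) {
  console.log(JSON.stringify(value), "exact:", exactMatchAllows(value), "parsed:", parameterAwareAllows(value));
}
```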