Dealing with this issue can be quite challenging. The anti-virus feature in question is designed to prevent harmful code from sending your personal information to a remote server through the browser. It functions by buffering all outgoing traffic, scanning it for specific patterns before allowing it to reach the network.
This method works effectively when an application sends a complete HTTP request over the socket because the anti-virus can detect the end of the request and proceed to send the data without continuous scanning.
In scenarios like yours, where there may only be a header without a length field, the anti-virus will not transmit any data until enough information is provided to fill its buffer.
If disabling this particular feature seems like the best course of action, I've encountered similar issues with AVast and McAfee. It's likely that other anti-virus software providers have implemented similar measures. Personally, I faced this problem with McAfee's Personal Information Protection feature, which appeared to be too flawed for practical use.
To address this, try consistently sending data over the socket or include a length field in your HTTP messages. I've tried notifying some anti-virus companies about this issue, and while one resolved it, another did not take any action as far as I know.
Ultimately, such protective features may prove inadequate since a malicious application could easily bypass them by encoding the data using methods like ROT13 before transmission.