Redirecting HTTPS sites using ProxySG

Some customers often ask when using a proxy, if it’s possible to redirect one HTTPS site to another. IE will not accept a non-2xx code in response to an HTTPS. Officially, there is nothing more to it, it’s
not possible…

I have a workaround/hack for this. Please be aware that I provide this to you with no guarantees. I
have tested this and I know it works, but officially it is not supported Keep in mind the reason the browsers do not accept non 2xx responses is due to security advisories, so it’s not exactly a bluecoat issue. Nevertheless, here is my workaround.

In this example I will be redirecting https://www.google.com to https://www.hsbc.co.uk/1/2/.

1. Enable SSL interception. In both transparent and explicit proxy mode, SSL interception is
needed since without it, the URLs are encrypted and so the proxy cannot read the URLs.
2. Create a “web access” layer, and create a new rule

In my example, this is what the rule looks like:

The source is set to any. You can of course change this to your needs. The destination is an object of “Request URL”, and is simple:

Basically any HTTPS connection going to google will be redirected. The action is an object of type “Notify User”. This is the important part. It will look like this:

The “hack” is in the title bar. Note how I manually close the title tag </title> and insert a meta tag
<meta. This tag basically forces the client browser to “refresh” after 0 seconds, and causes the
refresh destination to be https://www.hsbc.co.uk/1/2/. The last <title> tag is there in order to
properly close the </title> tag that is automatically inserted by the proxy. This has the effect of
redirecting the client

Last two points to note are that I chose “notify on every host” so that every host will be redirected
every time, similarly for the “After 1 min”