F.2 Proxy Auto-Configuration

Proxy Auto-Configuration is a technique that allows more control over the way user-agents select a proxy. The configuration file is simply a text file containing a JavaScript function. Browsers download the configuration file when they start up and then evaluate the function before each request. The function's return value determines where the request is sent.

Proxy Auto-Configuration is attractive because it gives the network administrator more control. For example, you can temporarily disable your caching service, implement load balancing, or migrate the service to new systems. Additionally, the function can return a list of proxy addresses, which the browser tries in sequence. If the first is unavailable, it tries the second, and so on.

The following browsers support Proxy Auto-Configuration:

  • Internet Explorer

  • Opera

  • Netscape

  • Konqueror

  • Mozilla

All these browsers have a place in which you can type in the Proxy Auto-Configuration URL. You'll find it in the same place as the manual proxy settings, earlier described in Section F.1. Configuring hundreds or thousands of workstations is a real hassle, which is why a handful of companies came up with WPAD, described in the next section.

Writing a Proxy Auto-Configuration function is relatively straightforward. The function, named FindProxyForURL, takes two arguments and returns a list of proxy addresses, separated by semicolons. The word DIRECT instructs the browser to forward the request directly to the origin server, rather than to a proxy. Here is a simple example:

function FindProxyForURL(url, host) {

    if (isPlainHostName(host))

        return "DIRECT";

    if (!isResolvable(host))

        return "DIRECT";

    if (url.substring(0, 5) =  = "http:")

        return "PROXY 172.16.5.1:3128; DIRECT";

    if (url.substring(0, 4) =  = "ftp:")

        return "PROXY 172.16.5.1:3128; DIRECT";

    return "DIRECT";

}

The first if statement makes the browser connect directly to the origin server if the user types a single-component hostname, such as www. This is generally a good idea because the browser's interpretation of the hostname might be different from the proxy's. The second if statement ensures that the hostname exists in the DNS. If not, the user sees an error message from the browser itself, rather than from Squid. The next two if statements return a proxy address, followed by DIRECT for HTTP and FTP URLs. If the proxy doesn't respond, the browser attempts to make a direct connection to the origin server.

If you have a firewall in place, the browser probably won't be able to make a direct connection.


After writing the function, save it somewhere in your web server's data directory. Next, you need to configure the server to return a specific content type for the file. The convention is to give the file a .pac extension, such as proxy.pac. Then, ensure that the HTTP server returns the content type application/x-ns-proxy-autoconfig. With Apache, you can add this line to your server config file:

AddType application/x-ns-proxy-autoconfig .pac

Refer to Section 4.3 of Web Caching (O'Reilly), for more information on Proxy Auto-Configuration files, including more complicated FindProxyForURL ideas and examples.



    Appendix A. Config File Reference