...
Link to latest PAC version from repository: https://gitlab.com/agat-software/filter-devs/teams_protector/-/blob/efa810b60720d03c7d0cad727f53282a6c48879b/Config/PACs/pac_file.pac
Last updated 1306.0611.2023
Info |
---|
Version from 13.06.2023 includes a change from regular expressions to shell expressions. These are more widely supported by platforms other than Windows, including iOS. Note that the proxy address is specified on line 5 only. |
Code Block | ||
---|---|---|
| ||
function FindProxyForURL(url, host) { // Specify your proxy here: e.g. "Proxy 11.22.33.4:80" var agatProxy = "PROXY <Bastion IP>:<Bastion Port>" var ignorelist = new Array( "secure.aadcdn.microsoftonline-p.com", "statics.teams.microsoft.com"); var proxylist = new Array( "*.sharepoint.com", "*.sharepointonline.com", "teams.microsoft.com", "*.ng.msg.teams.microsoft.com", "pipe.skype.com", "*.notifications.teams.microsoft.com", "*.asyncgw.teams.microsoft.com", "*.agatskype.net", "*.msgapi.teams.microsoft.com", "substrate.office.com", "graph.microsoft.com", "*.trouter.teams.microsoft.com" ); // Check if need to ignore for (var i = 0; i < ignorelist.length; i++) { var value = ignorelist[i]; if (dnsDomainIs(host, value)) { return "DIRECT"; } } //One subdomain under teams if (shExpMatch(host, "*.teams.microsoft.com") && dnsDomainLevels(host) == 3){ return agatProxy; } // Return our proxy name for matched domains/hosts for (var i = 0; i < proxylist.length; i++) { var value = proxylist[i]; if (shExpMatch(host, value)) { return agatProxy; } } return "DIRECT"; } |
General Explanations
The PAC file uses shell expressions. These are more widely supported by platforms other than Windows, including iOS. Use of regexes may cause unexpected behavior.
The PAC file is written to catch all single level subdomains of teams.microsoft.com (e.g. config.teams.microsoft.com) but not two level subdomains (e.g. api.flightproxy.teams.microsoft.com). Exceptions to this rule are explicitly specified (e.g.
*.ng.msg.teams.microsoft.com
).
Adding a catch all subdomain rule will cause undesired behavior (e.g.shExpMatch(host, "*.teams.microsoft.com")
Note that the proxy address is specified on line 5 only.
URLs to whitelist in firewalls
...