I am trying to allow just a small selection of youtube videos through the proxy server. All the videos have an ID in the URL, so I am trying to allow https://www.youtube.com/watch/?v=***YYYZZZ
The problem I think I am having is due to the HSTS (HTTP Strict Transport Security) requirements of youtube. When I keep the base URL of www.youtube.com out of my exceptions, I am getting taken to a certificate error screen. In IE (version 7 - it's an old system I working on), clicking continue takes me to an IE error page ("IE cannot display the webpage"), but Chrome tells me that it cannot be visited right now because it uses HSTS.
In my logs, I get lines like:
2015:01:05-15:23:04 commerce httpproxy[16758]: id="0060" severity="info" sys="SecureWeb" sub="http" name="web request blocked, forbidden category detected" action="block" method="CONNECT" srcip="10.100.x.x" dstip="" user="" ad_domain="" statuscode="403" cached="0" profile="REF_HttProTablets (Tablets)" filteraction="REF_HttCffTablePcrFilte (Tablet PCR Filter Action)" size="3172" request="0xec04800" url="www.youtube.com/.../4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E)" exceptions="av,auth,content,ssl,certcheck,certdate,mime,cache,fileextension,size" category="147" reputation="neutral" categoryname="Streaming Media" reason="category"
2015:01:05-15:23:04 commerce httpproxy[16758]: id="0060" severity="info" sys="SecureWeb" sub="http" name="web request blocked, forbidden category detected" action="block" method="CONNECT" srcip="10.100.x.x" dstip="" user="" ad_domain="" statuscode="403" cached="0" profile="REF_HttProTablets (Tablets)" filteraction="REF_HttCffTablePcrFilte (Tablet PCR Filter Action)" size="3172" request="0xd251a000" url="www.youtube.com/.../4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E)" exceptions="av,auth,content,ssl,certcheck,certdate,mime,cache,fileextension,size" category="147" reputation="neutral" categoryname="Streaming Media" reason="category"
Of course, if I add www.youtube.com to my exception list, everything works fine, but that includes the videos I don't want to allow.
It looks like the instructions in previous posts are from before google went to HSTS. Has anyone gotten it working properly? What are you putting in the "Filtering Options -> Exceptions" screen, and what goes in the whitelist for the applicable profile?
I appreciate the help.
Thanks
Adam
This thread was automatically locked due to age.