Overview#
Proxy Auto-Config (PAC) are files that defines how web browsers and other User-agents can automatically choose the appropriate Proxy Server (access method) for fetching a given URL.Proxy Auto-Config file contains a JavaScript function “FindProxyForURL(URL, host)”. This function returns a string with one or more access method specifications. These specifications cause the user agent to use a particular Proxy Server or to connect directly.
Multiple specifications provide a fall-back when a proxy fails to respond. The browser fetches this Proxy Auto-Config file before requesting other URLs. The URL of the Proxy Auto-Config file is either configured manually or determined automatically by the Web Proxy Auto-Discovery Protocol.
Security Considerations#
Proxy Auto-Config and Web Proxy Auto-Discovery Protocol are subject to malicious PAC AttacksProxy Auto-Config are well known for being a part of SSL-TLS Interception schemes.More Information#
There might be more information for this subject on one of the following:- [#1] - Proxy_auto-config
- based on information obtained 2018-05-23-