PAC (Proxy Auto-Config)

PAC (Proxy Auto-Config) is a file format and protocol used to automatically configure web browsers to use a specific proxy server for specific URLs. This protocol was designed to simplify the process of configuring web browsers to use a proxy server, which is an intermediary server that sits between a client and a server and acts on behalf of the client to make requests to the server.

The PAC protocol works by specifying a set of rules in a script file that is loaded by the web browser. These rules determine which proxy server to use for which URL. The script can test the URL being requested and apply different proxy server settings based on the URL pattern.

Purpose and Usage

The purpose of PAC is to provide an easy way to configure web browsers to use a proxy server for specific URLs. This is particularly useful in organizations where there are multiple proxy servers and different URLs need to be routed to different servers. With PAC, the administrator can specify which URLs should use which proxy server, and the web browser will automatically use the correct proxy server based on the URL being requested.

PAC is also useful for mobile devices that may be moving between different networks. For example, a mobile device may be connected to a Wi-Fi network that requires a specific proxy server, but when the device is disconnected from the network and switches to cellular data, it may need to use a different proxy server. With PAC, the web browser can automatically detect the change in network and switch to the appropriate proxy server based on the rules specified in the PAC script.

PAC is supported by most modern web browsers, including Firefox, Chrome, and Internet Explorer. The PAC file can be hosted on a web server or can be distributed as a local file.

PAC Script Syntax

The PAC script is written in JavaScript and consists of a set of rules that determine which proxy server to use for a given URL. The syntax of the PAC script is simple and easy to understand.

The basic structure of a PAC file includes one or more functions that return the URL of the proxy server to use. The most common function is the “FindProxyForURL” function, which takes a URL as its argument and returns the URL of the proxy server to use for that URL.

Here is an example of a simple PAC script:

function FindProxyForURL(url, host) {
  if (shExpMatch(url,"*.example.com*")) {
      return "PROXY proxy1.example.com:80";
  } else if (shExpMatch(url,"*.example.net*")) {
      return "PROXY proxy2.example.net:80";
  } else {
      return "DIRECT";
  }
}

In this example, the “FindProxyForURL” function checks the URL being requested and returns the URL of the appropriate proxy server. If the URL matches “.example.com”, it returns “PROXY proxy1.example.com:80”. If the URL matches “.example.net”, it returns “PROXY proxy2.example.net:80”. If the URL does not match either of these patterns, it returns “DIRECT”, which means that no proxy server should be used.

The “shExpMatch” function is used to test the URL against a pattern. The pattern can include wildcards, such as “” or “?”, to match multiple URLs. For example, “.example.com*” matches any URL that contains “example.com” anywhere in the hostname or path.

The PAC script can include any number of rules, and each rule can specify a different proxy server or a different set of patterns to match. The order of the rules is important, as the first rule that matches the URL will be used to determine the proxy server.

PAC File Deployment

The PAC file can be deployed in several ways, depending on the needs of the organization.

One common way to deploy the PAC file is to host it on a web server and provide the URL of the file to the web browser. The web browser will automatically download the PAC file and use it to determine the appropriate proxy server. This method allows the PAC file to be updated centrally and ensures that all web browsers are using the most up-to-date version of the file.

Another way to deploy the PAC file is to distribute it as a local file. The PAC file can be included in an installation package or distributed through a network share. This method is useful for organizations that do not have a centralized web server or that need to ensure that the PAC file is available offline.

The PAC file can also be distributed through a proxy auto-configuration URL (PAC URL). This is a special URL that points to the location of the PAC file. The web browser will automatically download the PAC file from the specified location and use it to determine the appropriate proxy server. This method is useful for organizations that have multiple proxy servers and need to ensure that the correct PAC file is downloaded for each server.