Allow a single YouTube video through my ProxySG My company does not allow YouTube or streaming media. However, there is one video we want our users to view
Youtube.com defaults to HTTPS. As a result, for the solution to work, customer environment needs to meet the prerequisite:
1. SSL Intercept is enabled to intercept traffic.
2. Explicit Deployment: Detect Protocol is enabled to hand off the traffic to SSL Proxy
The ProxySG can be configured to allow a single YouTube video to pass through the proxy while blocking all other YouTube content. This policy can be created and placed into the local policy file. For information on how to install the CPL policy into the local policy file, please see 000010101 for information on how to install policy into the local policy file. The following example uses a Blue Coat corporate video located at https://www.youtube.com/watch?v=snkEXxCwpMA
1. Locate the unique string in the YouTube URL https://www.youtube.com/watch?v=snkEXxCwpMA
The unique string will be used in CPL in the video url is after watch?v. If the url contains watch?v and &feature= use the string between them. In our example, the string = snkEXxCwpMA
define condition YoutubeVideo url.substring=snkEXxCwpMA end
NOTE: To allow another youtube video, add a new line in the YouTubeVideo. For example, to allow youtube video https://www.youtube.com/watch?v=q-D50wpJdaM
define condition YoutubeVideo url.substring=snkEXxCwpMA url.substring=q-D50wpJdaM end
In some cases, a YouTube video is embedded within another URL. Assuming the URL hosting the embedded video is allowed by policy, but the video is denied based on your YouTube or streaming video deny rule, you can edit the above local policy slightly to allow the embedded video.
<proxy> condition=Youtube_Support allow url.substring=crossdomain.xml allow ; Allow video to play from domain other than youtube.com url.domain=youtube.com condition=YoutubeVideo allow ; allow the specified youtube urls url.domain=googlevideo.com allow url.domain=www.youtube.com deny url.domain=youtube.com allow