The purpose of this article is to provide a way to allow the Google reCAPTCHA while blocking Google in general.
SSL Interception is a requirement for this process because the reCAPTCHA URLs are within Google sites and the only way for the proxy to have visibility over them is by applying SSL Interception on www.google.com
Below is CPL code. We need to create two Web Access Layers as shown below:
<Proxy>
url.domain="www.google.com" http.method=CONNECT Allow
url.domain="www.google.com" Deny
<Proxy>
condition=reCAPTCHA Allow
define condition reCAPTCHA
url.host.exact="www.google.com" url.path.substring="recaptcha"
url.host.exact="www.google.com" url.path.substring="xjs"
url.host.exact="www.google.com" url.path.substring="js"
end
Note: The only difference between Explicit and Transparent is that the first rule is not required in Transparent (as there is no CONNECT request)