The solution to this issue is to permit the 'referrer' http header, siting the trusted URL. This will ensure that, so long as the request is made while accessing the trusted URL, calls for external resources will also be permitted. Using 'example.com' as our sample domain, steps to configure policy in the Visual Policy Manager are below:
- Log in to the ProxySG appliance's web-based Management Console.
- In the configuration tab, select Policy > Visual Policy manager and click Launch.
- Locate the Web Access Layer where rules exist to deny access to the content in question.
- Create a new rule and move that rule above the deny rules causing issues with this URL.
- Right-click the Source field in this rule, click Set > New > Request Header.
- Name the object Example.com_refer.
- From the Header Name drop-down menu, choose Referer.
- In the Header Regex field enter example.com.
- Click OK.
- Click OK.
- Right-click the Action in this rule and set to Allow.
- (optional) if you only trust certain categories or external URLs, you can add them to the destination field for this rule. Otherwise, leave the destination field blank.
- Click Install Policy.
Users should now be able to view all externally-sourced content on the trusted URL.