Configuring the proxy settings for WinHTTP-based applications programmatically using Proxy Auto-Configuration (PAC) file

A description of the Web Proxy Auto Detect (WPAD) feature

The WPAD feature lets services locate an available proxy server by querying a DHCP option or by locating a particular DNS record. For more information about the advantages and disadvantages of using DNS instead of DHCP for WPAD, click the following article number to view the article in the Microsoft Knowledge Base: 816320 How to configure firewall and Web proxy client Autodiscovery in Windows Server 2003

 

The WPAD protocol works as follows:

  1. Using the DHCP and/or DNS network protocols, the URL of a Proxy Auto-Configuration (PAC) file is discovered. The URL identifies a PAC file on the client’s local network. WinHTTP supports only "http:" and "https:" PAC URLs; it does not, for example, support "file:" URLS.
  2. The PAC file is downloaded and optionally cached on the client’s computer. The PAC file is an executable script that generates a list of one or more proxy servers given a target host name and URL. WinHTTP supports only ECMAScript-based PAC files.
  3. On each HTTP request, the PAC script code is executed, with the host name and URL of the HTTP request passed in as parameters. WinHTTP expects the PAC script code to contain a function called FindProxyForURL, in the form:
  4. FindProxyForURL( url, host );

    This function computes a list of one or more proxy servers that can be used by the HTTP client in order to transmit the request. If the PAC script determines that the HTTP client can reach the target server directly without going through a proxy server at all, it indicates this using a special return value.

      This is being employed in Windows Automatic Updates:
    The Automatic Updates service is configured to download and install updates from the Microsoft Windows Update Web site

    The Automatic Updates service can automatically download and install updates from the Windows Update Web site. The Automatic Updates service does not require user interaction because this service runs in the context of the Local System account. The Automatic Updates service does not have access to the user-specific proxy server settings that may be configured in Internet Explorer. WinHTTP has been employed, instead of WinInet in Internet Explorer, as the Automatic Updates service affects system wide level configuration and should require administrator level control. WinHTTP is considered as more appropriate in this type of usage scenario. The Automatic Updates service can only discover a proxy server by using one of the following methods:

    • The proxy server is manually configured by using the Proxycfg.exe tool for Windows XP and Windows Server 2003. For Windows Vista and newer OS, Netsh command is available to manually configure the proxy server.  For more information about how to use the Proxycfg.exe tool, click the following article number to view the article in the Microsoft Knowledge Base:
      289481 You may need to run the Proxycfg tool for ServerXMLHTTP to work
    • Web Proxy Auto Detect (WPAD) settings are configured in either of the following locations in the network environment:
      • The Domain Name System (DNS) options
      • The Dynamic Host Configuration Protocol (DHCP) options

      For more information about a related topic, click the following article number to view the article in the Microsoft Knowledge Base:

      816320 How to configure firewall and Web proxy client Autodiscovery in Windows Server 2003

    References:

    How the Windows Update client determines which proxy server to use to connect to the Windows Update Web site

    How to change LAN Settings (proxy configuration) programmatically

    Advertisements

    Leave a Reply

    This site uses Akismet to reduce spam. Learn how your comment data is processed.