Showing results for 
Show  only  | Search instead for 
Did you mean: 
Level 7
Report Inappropriate Content
Message 1 of 2

using MWG full URL instead of base URL as part of Redirect

We have an application which we redirect to for specific websites. It performs an AD update and updates an internal database, then it redirects to the URL.  The redirect only uses the base URL, not the one the user submitted.  We want it to use the full URL.

Example:  The user requests the full 'goto' URL (e.g., Since is a website that we run through the app, our rules take effect and the app is executed.

After the internal app is run and the user is added to the database, the proxy redirects to the requested URL.  However this always redirects to just the base URL (  Once the user has gone through the app once he can resubmit the 'goto' URL and get there, but we don't want them to have to re-enter the full URL.  We want to pass it back to Chrome, etc.

I've tried using UrlManipulation.SetParameter and a User-Defined.URLsave value, as well as trying to feed URL.Raw in the Redirect string.  None of this works. 

This is an example rule:

URL.Host.BelongsToDomains (Dropbox URLs) equals true AND
Authentication.UserGroups does not contain "DevDropbox"

Redirect<uses default 'Redirected' template>

Set Redirect.URL = ""
+ "&URL="

I've also used 'URL.Raw' in place of 'URL' in the above event.  It just concatenates the base URL again.

This is in our dev proxy where we are testing SSL decryption, but the URL attribute contents are stripped to just the base URL very early in the rule sets.

We are using MWG on premise.

Thanks for your assistance!


1 Reply
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 2

Re: using MWG full URL instead of base URL as part of Redirect


do you do SSL Inspection for Dropbox?

If no SSL inspection is done MWG does not know the Path, all that MWG sees is that you are accessing, the path is only available within the SSL tunnel.

If SSL inspection is used please check if you send the redirect as a response to the CONNECT or CERTVERIFY command. At this stage also the path is not available. In that case you can extend the rule to only return the redirect if URL.Path is not empty.


You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community