As long as you don't enable content inspection you can only analyze the url.host part of the url.
Using this property you can filter and define rules for bypassing the policy.
The path and file part is not avaible for HTTPS without content inspection.
thank you Frank,
actually, i just need to analyze the URL.host and URL.category i dont need to analyze the content, i've enabling the Set Client Context to analyze the https URLs, but it didnt work, the https traffic is bypassing the policy.
You need "Set Client context" only for Blockpages (if needed)
You may try rule trace (Troubleshooting, Rule tracing central) and check why your rule does not work. Maybe your request does not trigger the rule due to a stop cycle somewhere in the beginning of your ruleset.