You may see the ProxySG appliance returning an exception when a browser makes a CONNECT request. The CONNECT method is used when a browser is explicitly configured to use a proxy and an HTTPS request is made.
The ProxySG appliance consistently responds with an HTTP 403 Forbidden "Appliance Error (configuration_error)" message to all browsers. It entirely relies on individual browsers' behavior to handle the response. Certain browsers (usually older ones) might be able to render the exception page, while others might show a "Page cannot be displayed" or "Connection refused" error.
Refer to the web browser’s vendor for more information on their response.
The following restriction exists when making a CONNECT request when an authentication scheme is configured that uses redirection. Examples include origin-ip-redirect, origin-cookie-redirect, and forms-based authentication.
Because the appliance does not have visibility into the actual URL requested by the client on a CONNECT request, it will never be able to redirect the client to the originally requested URL after authentication occurs.