search cancel

How to control YouTube categorization bypass in ProxySG


Article ID: 168987


Updated On:


Asset Management Solution Data Center Security Monitoring Edition ProxySG Software - SGOS


Customer is having policy to control access to certain YouTube categories. For eg: Denying access to YouTube categories “Movies” & “Entertainment”. Clients may try to modify the url in the request which may break YouTube categorization. This will make the YouTube category control not working as expected.


YouTube categorization is provided by YouTube when queried with the individual Video-ID. ProxySG takes this from the url as in the example below

If customer modifies this url and add an extra "/v/" after the domain, categorization will fail. This video will be then considered as “Uncategorized” and may get allowed depending on the customer policies.

There are multiple ways to bypass categorization in YouTube and the above is just one such modification. The attached policy to this article is updated with known bypass methods.


This url modification can be dealt by adding policy to redirect any request with the extra “/v/” back to its original form.

; Rule to redirect modified YT requests to Original form
<proxy> url.domain=""
url.path.prefix="/v/watch" action.YT_Redirect_1(yes)
url.path.prefix="/v?" action.YT_Redirect_2(yes)
url.path.prefix="/e?" action.YT_Redirect_3(yes)
url.path.prefix="/TV" action.YT_Redirect_4(yes)

define action YT_Redirect_1
redirect( 307, "*)", "$(1)" )

define action YT_Redirect_2
redirect( 307, "*)", "$(1)" )

define action YT_Redirect_3
redirect( 307, "*)", "$(1)" )

define action YT_Redirect_4
redirect(307, "\?v=(.*)", "$(1)" )

Policy is also attached to this article


YouTube Bypass Redirect_v2.txt get_app