Skip to main content

dM8EuJ_ZbG6ImYOm9ge6Zzo8iyjGyFzCnS0fmTs1C1mdsepP-sQl1a0w_PK6blQwOjNLcsoslM0TYuN1WjoO8lsZIHYT69OdIpm7QpoTVC7ehKqkoDSjmsgMZ-HeKOtHhLPDDW5myHokpuFbYRDLfKw

Netskope Global Technical Success (GTS)

How To - Usage of HTTP Header Profile to read HTTP Referrer

 

Netskope Cloud Version - 126

 

Objective

This article aims to explain how to use the HTTP Header profile in web policies to capture where the call was generated (source) and action according to its destination.

 

Prerequisite

Netskope CASB/NGSWG

 

Context

At Netskope, we have noticed a large number of customers who are restricting the “Streaming & Downloadable Video” category for all employees. However, these customers would also have YouTube videos embedded in their portals for business purposes, such as training, marketing, etc.

With the following configuration, employees can access YouTube only through approved company portals, ensuring the video streaming provider is used strictly for work-related activities.

 

Parent article

 

Do you know?

The "Referer" HTTP request header contains the address from which a resource has been requested;
In the example below you can see that the Youtube video embedded into another website has been called from "https://www.legaseriea.it/"

 

AD_4nXeMLqYv7ElqvT9cRDcZ0g50gBqH5tYUmhHKW56fj0SjBS-cFkVII6b9tS13qT8y-75ELXZ6TuBMgrGrvLkXNeyjGaKqmsbODv9pTjucofwnBqDWVlbwVy-ZSo_U3p2q_YM0ulbw?key=waB1Sdy5AVQrwsPO6zel0A

 

ℹ️ The referrer header value can be seen on the SkopeIT event like below:

AD_4nXebBXKVbNbv6czc24TyLIqydxp_c3GFydZ6BKJeDu7111wSwYW63glBCEqQgWAl-H6Dw_ByHztvjY723PGp8ab_qq2jgul2DpG1gVoelpBa8C-dho2ipxutdg-CRedqTlwQyWZ4pZP2ztgMJTpEgqh1o21pdamzP-SQLP9zIQ?key=EgsQwH9ZftBGyCnTqvvNoQ

 

Procedure

Step #1 - Defining an HTTP Header profile on the
Path:
Netskope Tenant UI >>> Policies >>> HTTP Header

  • Click on “New HTTP Header Profile”, add a name, search for “Referer”, select RegEx, add the following RegEx, then save

AD_4nXedyHtzlNdNOuPw4rU-tI78F8EaOw874SFWQc_BVywwY5UkldIRdWAvsQWup1QErnVXD0S9CxJc7DTIcjud674gBiKpCjEB9YlpciHRpbeA7ZVLzufj7J3h9XHbdu2a4jeZxCJulw?key=waB1Sdy5AVQrwsPO6zel0A

 

Step #2 - Create a Real-Time Policy
Path:
Netskope Tenant UI >>> Policies >>> Real-time Protection

  • Click on “New Policy”, select “Web Access”, then add the following configuration, and apply changes

AD_4nXc1NlvMO8eMRxaJpPQDH3vHmwMcvN5LiIk9I7HNbVsOQOG7uO28BMvMokTZu5DCNa0cnNDUPmwaAQvEzrjyn02Sq_hp657hDN-oM1EUlexw-G_-_wfa2zHYBUW8ZlinAIExl4WQ_g?key=waB1Sdy5AVQrwsPO6zel0A

 

Terms and Conditions

  • All documented information undergoes testing and verification to ensure accuracy.
  • In the future, it is possible that the application's functionality may be altered by the vendor. If any such changes are brought to our attention, we will promptly update the documentation to reflect them.

 

Notes

  • This article is authored by Netskope Global Technical Success (GTS).
  • For any further inquiries related to this article, please contact Netskope GTS by submitting a support case with 'Case Type – How To Questions'.
Be the first to reply!