IE/Edge do not support shExpMatch?

I observe some weird behavior. I have configured ZApp to forward traffic using Tunnel with Local Proxy and I want to test bypassing of applications that use system proxy. Bypass rule is based on destination port.

So, the logic I’ve put into Proxy PAC file, which I assigned to Forwarding Profile is

if (shExpMatch(url, "*:9090*"))
    return "DIRECT";

I have initially tested in IE/Edge but it didn’t work (was always going through Zscaler and was always blocked by Tunneling protection of Zscaler), so I spent some time troubleshooting (checking PAC is being enforced on system proxy level, if proper PAC is downloaded, etc). I have then tried installing Firefox and Chrome and it worked absolutely fine - anything to port 9090 is now bypassed, everything else is sent to Zscaler.

This is exactly the logic I expected to obeserve, but apparently IE/Edge do not like shExpMatch, or need something else in it to work? I’ve searched Google but didn’t find any clues

Would you be so kind to advise what is the best way to bypass destinations by dst port?

I haven’t tried RegExp as I’d like to avoid this method due to its slowness compared to other.



Perhaps its something else with the formatting.
I’ve used the following (obviously you can substitute the port out) successfully before:
if ( shExpMatch(url, “http*://:80/”) ) { return “DIRECT”; }




by my own experience building pac files any shexpmatch more complex than a single '’ and a range like '"172.1[6-9]." simple does not work, at least in IE (which the bigger part of my users.still use).
So ‘’ or '10.’ or even ‘some*.domain.tld’ all work, but something like ‘(bla|blubb)’ doesn’t.

For your specific need this should do the trick:

var bypass9090 = /:9090//;
if (bypass9090.test(host)) { return “DIRECT”; }


Thanks @Thomas. I will give it a try and let you know