Skip to content

PAC Server

Every Proxy includes a built-in PAC (Proxy Auto-Configuration) server.

The PAC server hosts a static PAC file that automatically configures client devices to use the SOCKS and HTTP proxies running on your Android device.

What the PAC File Returns

The PAC server always returns the following function:

function FindProxyForURL(url, host) {
    return "SOCKS <device-ip>:<socks-port>; PROXY <device-ip>:<http-port>; DIRECT";
}

The actual IP address and ports are populated using the values shown in the app.

What This Means

For each network request, the client will attempt:

  1. SOCKS proxy (first)
  2. HTTP proxy (fallback)
  3. DIRECT connection (final fallback)

The order is fixed and does not change per request.

There is no rule-based routing or hostname evaluation.

How It Works

  1. Every Proxy serves the PAC file over HTTP.
  2. A client device is configured with the PAC URL.
  3. The client downloads the PAC file.
  4. For each request, the client evaluates FindProxyForURL.
  5. The client attempts connections in the order returned.

The PAC server only provides configuration instructions.
All traffic flows through the SOCKS or HTTP proxy servers themselves.

When to Use the PAC Server

Use the PAC server when:

  • You want automatic proxy configuration
  • You are configuring multiple client devices
  • You want SOCKS-first with HTTP fallback
  • You want a simple fallback chain without manual proxy entry

If you only need one proxy type and are configuring a single device, manual configuration may be sufficient.

Enabling the PAC Server

  1. Open Every Proxy on your Android device.
  2. Enable:
    • SOCKS proxy
    • HTTP proxy
    • PAC server
  3. Note the PAC URL shown in the app (for example: http://device-ip:port/proxy.pac).
  4. Configure the client device to use that URL for automatic proxy configuration.

The client will then automatically attempt SOCKS, then HTTP, then direct connection.

Important Notes

  • The PAC file is static and does not evaluate URLs or hosts.
  • There is no conditional routing logic.
  • The PAC server does not forward traffic.
  • Proxy authentication must be configured on the HTTP or SOCKS proxy.
  • Encrypted traffic remains end-to-end encrypted.