The URL Content Redirection feature does not work in certain circumstances.

Shortened URLs

Shortened URLs, such as https://goo.gl/abc, can be redirected based on filtering rules, but the filtering mechanism does not examine the original unshortened URL.

For example, if you have a rule that redirects URLs that contain acme.com, an original URL, such as http://www.acme.com/some-really-long-path, and a shortened URL of the original URL, such as https://goo.gl/xyz, the original URL is redirected, but the shortened URL is not redirected.

You can work around this limitation by creating rules to block or redirect URLs from the Web sites most often used for shortening URLs.

Embedded HTML Pages

Embedded HTML pages bypass URL redirection, for example, when a user goes to a URL that does not match a URL redirection rule. If a page contains an embedded HTML page (an iFrame or inline frame) that contains a URL that does match a redirection rule, the URL redirection rule does not work. The rule works only on the top-level URL.

Disabled Internet Explorer Plug-Ins

URL Content Redirection does not work in situations where Internet Explorer plug-ins are disabled, for example, when a user switches to InPrivate Browsing in Internet Explorer. People use private browsing so that Web pages and files downloaded from Web pages will not be logged in to the browsing and download history on their computer. This limitation occurs because the URL Redirection feature requires a certain Internet Explorer plug-in to be enabled, and private browsing disables these plug-ins.

You can work around this limitation by using the GPO setting to prevent users from disabling plug-ins. These settings include "Do not allow users to enable or disable add-ons" and "Automatically enable newly installed add-ons." In the Group Policy Management Editor, these settings are under Computer Configuration > Administrative Templates > Windows Components > Internet Explorer.

To work around this limitation specifically for Internet Explorer, use the GPO setting to disable InPrivate mode. This setting is called "Turn off InPrivate Browsing." In the Group Policy Management Editor, these settings are under Computer Configuration > Administrative Templates > Windows Components > Internet Explorer > Privacy.

These workarounds are best practices and can prevent issues with redirection that situations other than private browsing can cause.

Windows 10 Universal App Is the Default Handler for a Protocol

URL redirection does not work if a Windows 10 Universal app is the default handler for a protocol specified in a link. Universal applications are built on the Universal Windows Platform so that they can be downloaded to PCs, tablets, and phones, include the Microsoft Edge browser, Mail, Maps, Photos, Grove Music and others.

If you click a link for which one of these applications is the default handler, the URL is not redirected. For example, if a user clicks an email link in an application and the default email application is the Mail universal app, the URL specified in the link is not redirected.

You can work around this limitation by making a different application the default handler of the protocol of URLs that you want to redirect. For example, if Edge is the default browser, make Internet Explorer the default browser.

Secure Boot Enabled Machines

Machines that have secure boot enabled leave the URL Content Redirection feature disabled. URLs cannot be redirected from these machines. URLs can be redirected to these machines.