I have rather complex proxy setup and one of those proxies requires username/password. Is there a way to configure the username/password so that users don't have to enter them when traffic is redirected to this one proxy? Atleast returning PROXY username:password@server:port
or PROXY http://username:password@server:port
wont work.
I had similar problem, so create a tool: https://github.com/sjitech/proxy-login-automator
This tool can create a local proxy and automatically inject user/password to real proxy server. Support PAC script.
Proxy auto-configuration files do not support hard-coded usernames and passwords. There's good reasoning behind this too, since providing support for hard-coded credentials would open up significant security holes, as anybody would be able to easily view the required credentials to access the proxy.
Rather configure the proxy as a transparent proxy, that way you won't need a username and password. You mention in one of your comments that the proxy server is located outside your LAN, which is why you require authentication. However, most proxies support rules based on the source IP, in which case it's a simple matter of only allowing requests originating from your corporate network.
The original proxy auto-config specification was originally drafted by Netscape in 1996. The original specification is no longer available directly, but you can still access it using The Wayback Machine's archived copy. The specification hasn't changed much, and is still largely the same as it was originally. You'll see the specification is quite simple, and that there is no provision for hard-coded credentials.
I don't think it can be done - the proxy.pac file is a javascript file, as you know, with a rather limited syntax, and as far as I know this does not include any authentication method. A quick scan of the various reference sites for .pac files that I know of show no sign or hint of anything that might work, either.
Even if it did work, it would be horribly insecure as the username and password would be trivial to grab from the file, rendering any protection you hoped to gain from using authentication with your proxy useless.