FortiGate
jbernabe
Staff
Article Id 374772
Description This article describes a DLP configuration that blocks a file upload when the file contains a specific keyword.
Scope FortiGate.
Solution
  1. Enable DLP: go to System -> Feature Visibility -> Security Features -> Data Leak Prevention and select Apply.
  2. Configure a DLP dictionary with the keyword that must be matched. In this example, every file that contains the word 'text' will be blocked.

 

config dlp dictionary
    edit "File-test-dictionary"
        set uuid 1b6e72d8-de10-51ef-cf25-f506a08c949b
        config entries
            edit 1
                set type "keyword"
                set pattern "text"
            next
        end
    next
end

 

  3. Configure a DLP sensor that references the dictionary.

 

config dlp sensor
    edit "File-test-Sensor"
        config entries
            edit 1
                set dictionary "File-test-dictionary"
            next
        end
    next
end

 

  4. Configure the DLP profile with the proxy feature set. The rule below uses the sensor from step 3, inspects HTTP POST bodies (type message, proto http-post) and blocks when the sensor matches.

 

config dlp profile
    edit "File-test-Profile"
        set feature-set proxy
        config rule
            edit 1
                set name "Blocked-testing"
                set severity critical
                set type message
                set proto http-post
                set filter-by sensor
                set sensor "File-test-Sensor"
                set action block
            next
        end
    next
end

 

  5. Apply the DLP profile in a firewall policy that uses proxy inspection mode.

 

Note:

Deep inspection is required for DLP. With certificate inspection the FortiGate never sees the body of an HTTPS POST, so the rule cannot match; the policy therefore uses the deep-inspection SSL/SSH profile, which re-signs server certificates with the FortiGate CA (hence step 6). The snippet below shows only the settings relevant to DLP; the policy still needs its interfaces, addresses, schedule, service and set action accept as usual.

 

config firewall policy
    edit 1
        set utm-status enable
        set inspection-mode proxy
        set ssl-ssh-profile "deep-inspection"
        set dlp-profile "File-test-Profile"
        set logtraffic all
        set nat enable
    next
end

 

  6. Install the FortiGate CA certificate used by the deep-inspection profile (Fortinet_CA_SSL by default) in the trusted root store of the user's computer, so that browsers accept the re-signed server certificates instead of showing a warning and the HTTPS upload is actually inspected.
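To check that the policy behaves as intended end to end, the following script (an added example written for this article, not Fortinet code) uploads two constructed files through the FortiGate: one containing the dictionary keyword 'text' and one without. It assumes an HTTPS form behind the firewall that accepts a multipart file upload at a URL passed on the command line (the form field name "file" is an assumption) and that the client already trusts the FortiGate CA from step 6, so the deep-inspection handshake succeeds. How a block appears to the client (a replacement page with a 4xx status, or a dropped connection) depends on the setup, so the script treats either as 'blocked'.

```python
#!/usr/bin/env python3
"""Exercise the DLP rule from this article by uploading two files through the FortiGate.

Added example, not Fortinet code. Assumptions: an HTTPS upload form behind the
firewall (URL given on the command line, form field "file") and a client that
trusts the FortiGate CA from step 6; otherwise TLS fails before the POST is sent.
"""
import sys
import uuid
import urllib.error
import urllib.request

KEYWORD = "text"  # pattern from the "File-test-dictionary" entry on the page

# Constructed sample files: the first matches the dictionary, the second does not.
SAMPLES = {
    "with-keyword.txt": b"Quarterly report: see the text below.\n",
    "clean.txt": b"Quarterly report: see the figures below.\n",
}


def contains_keyword(content: bytes, keyword: str = KEYWORD) -> bool:
    """Local mirror of the keyword entry (assumed to be a plain substring match),
    used only to decide what the firewall is expected to do with each file."""
    return keyword.encode() in content


def build_multipart(filename: str, content: bytes, field: str = "file"):
    """Return (body, content_type) for a single-file multipart/form-data POST,
    i.e. the kind of HTTP POST the rule's proto http-post inspects."""
    boundary = "dlp-test-" + uuid.uuid4().hex
    head = (
        f"--{boundary}\r\n"
        f'Content-Disposition: form-data; name="{field}"; filename="{filename}"\r\n'
        "Content-Type: application/octet-stream\r\n\r\n"
    ).encode()
    tail = f"\r\n--{boundary}--\r\n".encode()
    return head + content + tail, f"multipart/form-data; boundary={boundary}"


def post_file(url: str, filename: str, content: bytes, timeout: float = 15.0) -> dict:
    """POST one file; return {"status": int or None, "error": str or None}."""
    body, ctype = build_multipart(filename, content)
    req = urllib.request.Request(url, data=body, method="POST",
                                 headers={"Content-Type": ctype})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return {"status": resp.status, "error": None}
    except urllib.error.HTTPError as e:
        # Non-2xx reply: either the server's own error or the FortiGate block page.
        return {"status": e.code, "error": None}
    except (urllib.error.URLError, OSError) as e:
        # Reset or timeout: the proxy dropped the upload.
        return {"status": None, "error": str(e)}


def classify(result: dict) -> str:
    """'allowed' on a reply below 400; 'blocked' on 4xx/5xx or a dropped connection."""
    status = result["status"]
    if status is not None and status < 400:
        return "allowed"
    return "blocked"


def verdict(content: bytes, result: dict) -> str:
    """PASS when the observed outcome matches what the dictionary entry predicts."""
    expected = "blocked" if contains_keyword(content) else "allowed"
    return "PASS" if classify(result) == expected else "FAIL"


def main(url: str) -> int:
    failures = 0
    for name, content in SAMPLES.items():
        result = post_file(url, name, content)
        outcome = verdict(content, result)
        print(f"{name:18} status={result['status']} -> {classify(result):7} {outcome}")
        failures += outcome == "FAIL"
    return 1 if failures else 0


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: dlp_check.py https://<upload-form-behind-fortigate>/upload")
    sys.exit(main(sys.argv[1]))
```

Run it from a client on the policy's source side after step 6. A PASS for both files means the keyword upload was stopped and the clean upload went through; the blocked POST should also appear in the FortiGate DLP log (and, because the policy has logtraffic all, in the forward traffic log). If both files are allowed, the usual causes are a policy that is not in proxy inspection mode, certificate inspection instead of deep inspection, or the FortiGate CA not being trusted so the client never completed the upload.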