Jin-Gyu
New Contributor III

Problems that can occur when the policy mode of Fortigate and the mode of web filter are different?

Hello.

Does it matter if the mode of the policy and the mode of the web filter are different, except when the FortiGate policy is flow mode and the web filter is proxy mode?

Thank you.

 

1 Solution
filiaks1
Contributor II

The firewall policy can technically be flow-based, but if you attach a proxy-based web filter profile, FortiGate will internally switch that part of the inspection to proxy mode just for web filtering. So yes, it's allowed but not ideal or consistent, and may cause performance or functional issues.

If you don't have specific needs, use flow mode for the policy rule and the web filter, as this is how an NGFW should work and it is faster and needs less CPU/memory than proxy mode. If you need proxy mode for a specific web server, for example, make a specific rule at the top that has the destination server IP address and port, and proxy mode for the web filter and in the rule itself. Proxy mode uses the WAD process for full proxy decryption while flow mode uses the IPS engine for SSL decryption and UTM inspections.

Interesting question by the way, and from what I see in older versions a flow policy with a proxy profile may work, as maybe the SSL decryption is handled by the IPS not WAD and then the traffic is sent to the proxy part just for the profile to inspect it, but a proxy policy with a flow profile is not recommended. Nowadays it is flow > flow or proxy > proxy, and the firewall may even turn off the proxy features if the rule is flow and the profile is proxy.

Configuring a web filter profile | FortiGate / FortiOS 7.0.16 | Fortinet Document Library

Effects of changing the inspection mode - Fortinet Community

Change in inspection mode - Flow vs Proxy... - Fortinet Community

Solved: Mix of Flow & Proxy mode Security Profile - Page 3 - Fortinet Community
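The layout the answer recommends, written out as an added FortiOS CLI example (constructed here, not the poster's or Fortinet's configuration): a proxy-mode policy for one internal web server placed above the general flow-mode policy, each with a web filter profile whose feature-set matches the policy's inspection mode. The interface names port1/port2, the server address 10.0.5.20 and the profile names are assumptions.

```fortios
# Constructed example: assumed LAN port2, WAN port1, server 10.0.5.20, assumed profile names.
config firewall address
    edit "srv-intranet-web"
        set subnet 10.0.5.20 255.255.255.255
    next
end
# Web filter profiles: feature-set must match the inspection-mode of the policy that uses it.
config webfilter profile
    edit "wf-proxy"
        set feature-set proxy
    next
    edit "wf-flow"
        set feature-set flow
    next
end
config firewall policy
    # Exception rule: one destination, one port, proxy mode on both policy and profile.
    edit 10
        set name "proxy-inspect-intranet-web"
        set srcintf "port2"
        set dstintf "port1"
        set srcaddr "all"
        set dstaddr "srv-intranet-web"
        set action accept
        set schedule "always"
        set service "HTTPS"
        set inspection-mode proxy
        set utm-status enable
        set ssl-ssh-profile "deep-inspection"
        set webfilter-profile "wf-proxy"
    next
    # General rule: flow mode on both policy and profile (the recommended default).
    edit 20
        set name "general-outbound"
        set srcintf "port2"
        set dstintf "port1"
        set srcaddr "all"
        set dstaddr "all"
        set action accept
        set schedule "always"
        set service "HTTP" "HTTPS"
        set inspection-mode flow
        set utm-status enable
        set ssl-ssh-profile "certificate-inspection"
        set webfilter-profile "wf-flow"
    next
    # Policies are matched top-down; keep the specific proxy rule above the general flow rule.
    move 10 before 20
end
```

After applying, `show firewall policy 10` and `show firewall policy 20` confirm that each policy's inspection-mode and its webfilter-profile's feature-set agree, which is the flow > flow / proxy > proxy pairing the answer describes.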


Jin-Gyu
New Contributor III

Thank you for letting me know in detail what you were curious about.
