I’m trying to secure a PC with parental controls by blocking keywords (e.g. “web proxy”) that can be used to bypass Cloudflare Family DNS. I want a universal solution that also works outside the local network, so I chose a proxy based on Squid. I’m performing HTTPS decryption via SSL bumping, and the keyword blocking itself works as it should. However, I’ve run into a problem with signing in to Microsoft applications. I discovered that if I disable the proxy and let the program sign in, then after re-enabling the proxy it works as expected — OneDrive synchronizes files. I installed the decryption certificate into the Windows Trusted Root Certification Authorities store, and I also use it in the Squid configuration. I found a list of Microsoft URLs and added them as exceptions to SSL bumping, but I still can’t get the sign-in to work. Even when I add the addresses that Squid records in its log, nothing changes. I’m attaching the contents of the config.
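# Squid explicit forward proxy with SSL bumping for keyword filtering.
# Squid evaluates ACLs and rules in file order: ACL definitions first,
# then the ssl_bump decision chain, then the http_access chain.

# Clients allowed to use the proxy. If the proxy is ever reachable from
# outside these networks, gate access with an authentication ACL rather
# than widening localnet; an unauthenticated proxy reachable from the
# Internet is an open proxy.
acl localnet src 127.0.0.1/32
acl localnet src 10.0.0.0/8
acl localnet src 192.168.0.0/24
acl localnet src fc00::/7
acl localnet src fe80::/10

# Ports a CONNECT tunnel may target (SSL_ports) and ports plain
# requests may target (Safe_ports).
acl SSL_ports port 443
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT

# Microsoft hosts that are spliced (passed through without decryption).
# These values are regular expressions, so the ACL type has to be
# ssl::server_name_regex. Plain ssl::server_name compares the SNI /
# CONNECT host as a domain name (".office.net" style for subdomains),
# so a pattern such as ^(.+\.)?office\.net$ is unlikely to ever match —
# a likely reason the splice rule below was not taking effect.
acl ms_domains ssl::server_name_regex ^(.+\.)?officeapps\.live\.com$
acl ms_domains ssl::server_name_regex ^(.+\.)?online\.office\.com$
acl ms_domains ssl::server_name_regex ^office\.live\.com$
acl ms_domains ssl::server_name_regex ^(.+\.)?office\.net$
acl ms_domains ssl::server_name_regex ^(.+\.)?onenote\.com$
# etc... (the remaining ms_domains entries were removed from the post because the forum flagged them as spam)
# Alternative: keep the list in a file, one entry per line. With
# ssl::server_name_regex the file holds regexes; with ssl::server_name it
# holds domain names, where a leading dot also matches subdomains.
#acl ms_domains ssl::server_name_regex "C:/Squid/etc/whitelist.txt"
# Destination IP addresses / CIDR ranges that are spliced.
acl ms_ip dst "C:/Squid/etc/whitelist_ip.txt"

# Explicit proxy port. Per-host certificates are generated on demand and
# signed by myCA.pem, which must be trusted by the client machine.
http_port 3128 ssl-bump cert=C:/Squid/certs/myCA.pem generate-host-certificates=on dynamic_cert_mem_cache_size=4MB
sslcrtd_program C:/Squid/lib/squid/security_file_certgen.exe -s C:/ssl_db_test -M 4MB
sslcrtd_children 5

#SSL bump
# Step 1 only peeks, so the TLS server name from the ClientHello is
# available when ms_domains / ms_ip are evaluated at the next step.
acl step1 at_step SslBump1
#bumping Microsoft
ssl_bump peek step1
ssl_bump splice ms_domains
ssl_bump splice ms_ip
ssl_bump bump all

# CA bundle used to validate origin-server certificates on bumped
# connections. A stray trailing backtick after the file name was removed;
# it is not valid here.
tls_outgoing_options cafile=C:/Squid/etc/cacert.pem

# Keyword filter. With bumping enabled this sees the full URL of HTTPS
# requests, not only the CONNECT host.
acl blocked_keywords url_regex -i "C:/Squid/etc/blocked_keywords.txt"
http_access deny blocked_keywords
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access allow localhost
# Explicit final deny so the default is not inferred from the last rule
# and future edits to the chain cannot accidentally open the proxy.
http_access deny all

# Logging. debug_options 33,2 adds client-side / ssl_bump detail, useful
# while diagnosing which hosts the Microsoft sign-in actually contacts.
access_log C:/Squid/var/log/access.log
cache_log C:/Squid/var/log/cache.log
debug_options ALL,1 33,2

# Cache and runtime paths.
cache_dir aufs /cygdrive/c/squid/cache 3000 16 256
coredump_dir /var/cache/squid
# Upstream resolvers: Cloudflare for Families (malware + adult content filtering).
dns_nameservers 1.1.1.3 1.0.0.3
max_filedescriptors 3200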