diff --git a/packages/http-client/__tests__/proxy.test.ts b/packages/http-client/__tests__/proxy.test.ts
index 62e8e96268..be1a506909 100644
--- a/packages/http-client/__tests__/proxy.test.ts
+++ b/packages/http-client/__tests__/proxy.test.ts
@@ -145,6 +145,44 @@ describe('proxy', () => {
     expect(bypass).toBeFalsy()
   })
 
+  it('checkBypass returns true if host with subdomain in no_proxy', () => {
+    process.env['no_proxy'] = 'myserver.com'
+    const bypass = pm.checkBypass(new URL('https://sub.myserver.com'))
+    expect(bypass).toBeTruthy()
+  })
+
+  it('checkBypass returns false if no_proxy is subdomain', () => {
+    process.env['no_proxy'] = 'myserver.com'
+    const bypass = pm.checkBypass(new URL('https://myserver.com.evil.org'))
+    expect(bypass).toBeFalsy()
+  })
+
+  it('checkBypass returns false if no_proxy is part of domain', () => {
+    process.env['no_proxy'] = 'myserver.com'
+    const bypass = pm.checkBypass(new URL('https://evilmyserver.com'))
+    expect(bypass).toBeFalsy()
+  })
+
+  // Do not strip leading dots as per https://github.com/actions/runner/blob/97195bad5870e2ad0915ebfef1616083aacf5818/docs/adrs/0263-proxy-support.md
+  it('checkBypass returns false if host with leading dot in no_proxy', () => {
+    process.env['no_proxy'] = '.myserver.com'
+    const bypass = pm.checkBypass(new URL('https://myserver.com'))
+    expect(bypass).toBeFalsy()
+  })
+
+  it('checkBypass returns true if host with subdomain in no_proxy defined with leading "."', () => {
+    process.env['no_proxy'] = '.myserver.com'
+    const bypass = pm.checkBypass(new URL('https://sub.myserver.com'))
+    expect(bypass).toBeTruthy()
+  })
+
+  // Do not match wildcard ("*") as per https://github.com/actions/runner/blob/97195bad5870e2ad0915ebfef1616083aacf5818/docs/adrs/0263-proxy-support.md
+  it('checkBypass returns true if no_proxy is "*"', () => {
+    process.env['no_proxy'] = '*'
+    const bypass = pm.checkBypass(new URL('https://anything.whatsoever.com'))
+    expect(bypass).toBeFalsy()
+  })
+
   it('HttpClient does basic http get request through proxy', async () => {
     process.env['http_proxy'] = _proxyUrl
     const httpClient = new httpm.HttpClient()
diff --git a/packages/http-client/src/proxy.ts b/packages/http-client/src/proxy.ts
index f13409b5b6..e4e43a5475 100644
--- a/packages/http-client/src/proxy.ts
+++ b/packages/http-client/src/proxy.ts
@@ -51,7 +51,15 @@ export function checkBypass(reqUrl: URL): boolean {
     .split(',')
     .map(x => x.trim().toUpperCase())
     .filter(x => x)) {
-    if (upperReqHosts.some(x => x === upperNoProxyItem)) {
+    if (
+      upperReqHosts.some(
+        x =>
+          x === upperNoProxyItem ||
+          x.endsWith(`.${upperNoProxyItem}`) ||
+          (upperNoProxyItem.startsWith('.') &&
+            x.endsWith(`${upperNoProxyItem}`))
+      )
+    ) {
       return true
     }
   }