Skip to content

feat: propagate NO_PROXY and configurable env vars into sandbox execution environment#273

Merged
BeautyyuYanli merged 1 commit into
langgenius:mainfrom
kurokobo:env
Jun 15, 2026
Merged

feat: propagate NO_PROXY and configurable env vars into sandbox execution environment#273
BeautyyuYanli merged 1 commit into
langgenius:mainfrom
kurokobo:env

Conversation

@kurokobo

@kurokobo kurokobo commented Jun 14, 2026

Copy link
Copy Markdown
Contributor

Summary

Sandbox-injected environment variables (e.g. custom CA paths, NO_PROXY) were silently dropped at the boundary between the container process and the sandboxed Python/Node.js subprocess.

This PR fixes that by:

  1. Forwarding NO_PROXY automatically alongside the existing proxy variables.
  2. Fixing HTTP_PROXY/HTTPS_PROXY not being forwarded in the Node.js runner (bug parity with Python runner).
  3. Adding allowed_env_vars — an administrator-controlled whitelist of environment variable names to forward from the container into the execution environment.

Closes #272

Configuration

# conf/config.yaml
proxy:
  no_proxy: 'localhost,127.0.0.1,.internal.example.com'
allowed_env_vars:
  - SSL_CERT_FILE
  - REQUESTS_CA_BUNDLE
  - CURL_CA_BUNDLE
  - NODE_EXTRA_CA_CERTS
  - AWS_CA_BUNDLE

Or via environment variables:

NO_PROXY=localhost,127.0.0.1
ALLOWED_ENV_VARS=SSL_CERT_FILE,REQUESTS_CA_BUNDLE,CURL_CA_BUNDLE,NODE_EXTRA_CA_CERTS,AWS_CA_BUNDLE

Tests

Container configuration:
Tested with following docker-compose.override.yaml:

services:
  sandbox:
    image: dify-sandbox:local   # ✅ Locally built image with this PR
    environment:
      NO_PROXY: localhost,127.0.0.1,.internal.example.com  # ✅ New env var
      ALLOWED_ENV_VARS: MY_CUSTOM_VAR,ANOTHER_VAR  # ✅ Propagate following to env vars to the script runtime
      MY_CUSTOM_VAR: hello_from_container
      ANOTHER_VAR: world
      UNLISTED_SECRET: this_should_not_be_exposed  # ✅ This should not be propagated

App:
In code blocks, I run code in both Python and JavaScript that simply prints the value of a specified environment variable.
If the environment variable does not exist, output UNDEFINED.

Result:
image
I can confirm:

  • NO_PROXY is automatically propagated.
  • MY_CUSTOM_VAR and ANOTHER_VAR are propagated by ALLOWED_ENV_VARS
  • UNLISTED_SECRET is NOT propagated since it is not listed in ALLOWED_ENV_VARS

@kurokobo

kurokobo commented Jun 14, 2026

Copy link
Copy Markdown
Contributor Author

@crazywoola @wylswz @BeautyyuYanli
Just to clarify, I understand that the sandbox environment itself will likely be transitioning to dify-agentbox.

That said, the existing dify-sandbox is still very easy to use without any special setup, so I believe there is still sufficient demand for it. For that reason, I submitted this enhancement.

I’d appreciate it if you could consider merging it and releasing it. Thanks!

@wylswz wylswz requested a review from BeautyyuYanli June 15, 2026 01:37
@BeautyyuYanli BeautyyuYanli merged commit 44cdbd5 into langgenius:main Jun 15, 2026
2 checks passed
@kurokobo kurokobo deleted the env branch June 15, 2026 03:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@BeautyyuYanli BeautyyuYanli BeautyyuYanli approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[RFE] Allow configuring environment variables to propagate into sandbox execution environment

2 participants

@kurokobo @BeautyyuYanli