# Internet access - Documentation

> For the complete documentation index, see [llms.txt](/llms.txt). Markdown is available with `Accept: text/markdown` and `.md` URL variants.

Source: /docs/guides/sandbox-internet-access

# Internet access

Internet connectivity is available in every sandbox, and external access is provided through a public URL.

##

[​](#toggling-internet-access)

Toggling internet access

When creating a sandbox, you can use the `allowInternetAccess` / `allow_internet_access` parameter to configure internet connectivity. Internet access is turned on by default, but it can be disabled for workloads with stricter security requirements.

JavaScript & TypeScript

Python

```
import { Sandbox } from 'novita-sandbox/code-interpreter'

// Create sandbox with internet access enabled (default)
const sandbox = await Sandbox.create({ allowInternetAccess: true })

// Create sandbox without internet access
const isolatedSandbox = await Sandbox.create({ allowInternetAccess: false })
```

```
from novita_sandbox.code_interpreter import Sandbox

# Create sandbox with internet access enabled (default)
sandbox = Sandbox.create(allow_internet_access=True)

# Create sandbox without internet access
isolated_sandbox = Sandbox.create(allow_internet_access=False)
```

If internet access is disabled, the sandbox is prevented from initiating outbound network requests. This helps add an extra layer of protection when running sensitive code.

Passing a falsy value to `allowInternetAccess` / `allow_internet_access` has the same effect as adding `['0.0.0.0/0']` to `network.denyOut` / `network.deny_out`, which blocks every destination.

##

[​](#fine-grained-network-control)

Fine-grained network control

Network configuration provides finer-grained control over outbound traffic by allowing you to define allowlists and denylists.

###

[​](#allow-and-deny-lists)

Allow and deny lists

IP addresses, CIDR blocks, or domain names that the sandbox is allowed to access can be specified.

JavaScript & TypeScript

Python

```
import { Sandbox } from 'novita-sandbox/code-interpreter'

// Deny all traffic except specific IPs
const sandbox = await Sandbox.create({
network: {
denyOut: ['0.0.0.0/0'],
allowOut: ['1.1.1.1', '8.8.8.0/24']
}
})

// Deny specific IPs only
const restrictedSandbox = await Sandbox.create({
network: {
denyOut: ['8.8.8.8']
}
})
```

```
from novita_sandbox.code_interpreter import Sandbox

# Deny all traffic except specific IPs
sandbox = Sandbox.create(
network={
"deny_out": ["0.0.0.0/0"],
"allow_out": ["1.1.1.1", "8.8.8.0/24"]
}
)

# Deny specific IPs only
restricted_sandbox = Sandbox.create(
network={
"deny_out": ["8.8.8.8"]
}
)
```

The CIDR `'0.0.0.0/0'` / `"0.0.0.0/0"` is shorthand for “every destination”. An exported `ALL_TRAFFIC` constant resolves to the same `0.0.0.0/0` value if you prefer a named alternative to the literal.

###

[​](#domain-based-filtering)

Domain-based filtering

You can specify hostnames in `allowOut` / `allow_out` to permit outbound traffic to selected domains. When domain-based filtering is enabled, all remaining traffic must be blocked through `denyOut` / `deny_out`. Domain entries are only supported in allow lists and cannot be used in deny lists.

JavaScript & TypeScript

Python

```
import { Sandbox } from 'novita-sandbox/code-interpreter'

// Allow only traffic to google.com
const sandbox = await Sandbox.create({
network: {
allowOut: ['google.com'],
denyOut: ['0.0.0.0/0']
}
})
```

```
from novita_sandbox.code_interpreter import Sandbox

# Allow only traffic to google.com
sandbox = Sandbox.create(
network={
"allow_out": ["google.com"],
"deny_out": ["0.0.0.0/0"]
}
)
```

Whenever a domain appears in the configuration, the default nameserver `8.8.8.8` is allowed automatically so that DNS resolution keeps working.

You can also match every subdomain of a domain with a wildcard:

JavaScript & TypeScript

Python

```
import { Sandbox } from 'novita-sandbox/code-interpreter'

// Allow traffic to any subdomain of mydomain.com
const sandbox = await Sandbox.create({
network: {
allowOut: ['*.mydomain.com'],
denyOut: ['0.0.0.0/0']
}
})
```

```
from novita_sandbox.code_interpreter import Sandbox

# Allow traffic to any subdomain of mydomain.com
sandbox = Sandbox.create(
network={
"allow_out": ["*.mydomain.com"],
"deny_out": ["0.0.0.0/0"]
}
)
```

Domains, IP addresses, and CIDR ranges can all be mixed together in the same list:

JavaScript & TypeScript

Python

```
import { Sandbox } from 'novita-sandbox/code-interpreter'

// Allow traffic to specific domains and IPs
const sandbox = await Sandbox.create({
network: {
allowOut: ['api.example.com', '*.github.com', '8.8.8.8'],
denyOut: ['0.0.0.0/0']
}
})
```

```
from novita_sandbox.code_interpreter import Sandbox

# Allow traffic to specific domains and IPs
sandbox = Sandbox.create(
network={
"allow_out": ["api.example.com", "*.github.com", "8.8.8.8"],
"deny_out": ["0.0.0.0/0"]
}
)
```

Filtering by domain applies only to HTTP over port 80 (inspected via the Host header) and TLS over port 443 (inspected via SNI). Any other port falls back to CIDR-based matching, and UDP protocols such as QUIC/HTTP3 cannot be filtered by domain.

###

[​](#how-blocked-tcp-connections-behave)

How blocked TCP connections behave

Because of the firewall architecture, a blocked outbound connection can still look successful from within the sandbox.
The firewall must first accept the TCP connection before it can evaluate whether the target destination is permitted. As a result, code running inside the sandbox may see the connection succeed and the socket open, even if the destination is blocked. In that case, no traffic is actually delivered to the remote endpoint.
To confirm that the destination is reachable, validate an application-level response instead of relying only on TCP connection success. For example, check for an HTTP status code, a completed TLS handshake, or the expected protocol response bytes.
This behavior is a current limitation of how sandbox outbound traffic is routed through our firewall and may be updated in the future.

###

[​](#priority-rules)

Priority rules

If both allow and deny rules are configured, the allow rules take priority. Therefore, any IP address that appears in both lists will still be permitted.

JavaScript & TypeScript

Python

```
import { Sandbox } from 'novita-sandbox/code-interpreter'

// Even though all traffic is denied, 1.1.1.1 and 8.8.8.8 are explicitly allowed
const sandbox = await Sandbox.create({
network: {
denyOut: ['0.0.0.0/0'],
allowOut: ['1.1.1.1', '8.8.8.8']
}
})
```

```
from novita_sandbox.code_interpreter import Sandbox

# Even though all traffic is denied, 1.1.1.1 and 8.8.8.8 are explicitly allowed
sandbox = Sandbox.create(
network={
"deny_out": ["0.0.0.0/0"],
"allow_out": ["1.1.1.1", "8.8.8.8"]
}
)
```

The `network` settings take effect only when the sandbox is created — supply them to `Sandbox.create`. Once the sandbox exists, they are fixed and cannot be modified.

##

[​](#sandbox-public-url)

Sandbox public URL

Services in a sandbox can be accessed by using the sandbox’s public URL.

JavaScript & TypeScript

Python

```
import { Sandbox } from 'novita-sandbox/code-interpreter'

const sandbox = await Sandbox.create()

// You need to always pass a port number to get the host
const host = sandbox.getHost(3000)
console.log(`https://${host}`)
```

```
from novita_sandbox.code_interpreter import Sandbox

sandbox = Sandbox.create()

# You need to always pass a port number to get the host
host = sandbox.get_host(3000)
print(f'https://{host}')
```

The output will be like this:

JavaScript & TypeScript

Python

```
https://3000-i62mff4ahtrdfdkyn2esc.sandbox.novita.ai
```

```
https://3000-i62mff4ahtrdfdkyn2esc.sandbox.novita.ai
```

The leftmost segment of the hostname is exactly the port number you handed to the method.

##

[​](#connecting-to-a-server-running-inside-the-sandbox)

Connecting to a server running inside the sandbox

You can connect to a server running inside the sandbox using the method described earlier; for example, start a lightweight HTTP server on port 3000 to serve files from its launch directory.

JavaScript & TypeScript

Python

```
import { Sandbox } from 'novita-sandbox/code-interpreter'

const sandbox = await Sandbox.create()

// Start a simple HTTP server inside the sandbox.
const process = await sandbox.commands.run('python -m http.server 3000', { background: true })
const host = sandbox.getHost(3000)
const url = `https://${host}`
console.log('Server started at:', url)

// Fetch data from the server inside the sandbox.
const response = await fetch(url);
const data = await response.text();
console.log('Response from server inside sandbox:', data);

// Kill the server process inside the sandbox.
await process.kill()
```

```
import requests
from novita_sandbox.code_interpreter import Sandbox

sandbox = Sandbox.create()

# Start a simple HTTP server inside the sandbox.
process = sandbox.commands.run("python -m http.server 3000", background=True)
host = sandbox.get_host(3000)
url = f"https://{host}"
print('Server started at:', url)

# Fetch data from the server inside the sandbox.
response = requests.get(url)
data = response.text
print('Response from server inside sandbox:', data)

# Kill the server process inside the sandbox.
process.kill()
```

This output will be as follows:

JavaScript & TypeScript

Python

```
Server started at: https://3000-ip3nfrvajtqu5ktoxugc7.sandbox.novita.ai
Response from server inside sandbox:

Directory listing for /

# Directory listing for /

- [.bash_logout](.bash_logout)

- [.bashrc](.bashrc)

- [.profile](.profile)

```

```
Server started at: https://3000-ip3nfrvajtqu5ktoxugc7.sandbox.novita.ai
Response from server inside sandbox:

Directory listing for /

# Directory listing for /

- [.bash_logout](.bash_logout)

- [.bashrc](.bashrc)

- [.profile](.profile)

```

##

[​](#masking-request-host-headers)

Masking request host headers

You can use the `maskRequestHost` / `mask_request_host` option to customize the Host header sent to services running inside the sandbox. This is useful when your application expects requests to follow a specific host format.

JavaScript & TypeScript

Python

```
import { Sandbox } from 'novita-sandbox/code-interpreter'

// Create sandbox with custom host masking
const sandbox = await Sandbox.create({
network: {
maskRequestHost: 'localhost:${PORT}'
}
})

// The ${PORT} variable will be replaced with the actual port number
// Requests to the sandbox will have Host header set to for example: localhost:8080
```

```
from novita_sandbox.code_interpreter import Sandbox

# Create sandbox with custom host masking
sandbox = Sandbox.create(
network={
"mask_request_host": "localhost:${PORT}"
}
)

# The ${PORT} variable will be replaced with the actual port number
# Requests to the sandbox will have Host header set to for example: localhost:8080
```

At request time, `${PORT}` in the mask is substituted with the real port number of the service being addressed.

Last modified on June 4, 2026
