diff --git a/docs.json b/docs.json index cac6de66..9a5e42ef 100644 --- a/docs.json +++ b/docs.json @@ -148,7 +148,8 @@ "docs/template/examples/expo", "docs/template/examples/desktop", "docs/template/examples/claude-code", - "docs/template/examples/docker" + "docs/template/examples/docker", + "docs/template/examples/egress-header" ] }, "docs/template/migration-v2" diff --git a/docs/template/examples/egress-header.mdx b/docs/template/examples/egress-header.mdx new file mode 100644 index 00000000..622f3a6b --- /dev/null +++ b/docs/template/examples/egress-header.mdx @@ -0,0 +1,65 @@ +--- +title: "Egress header" +description: "Sandbox with automatic HTTP header injection on outbound requests" +--- + +This template automatically tags every outbound HTTP and HTTPS request from the sandbox with a custom header containing the sandbox ID. No code changes needed — any request your agent makes to external APIs will carry the `X-Sandbox-ID` header transparently. + +This enables you to: +- **Track API usage per sandbox** — correlate external API calls back to the sandbox that made them +- **Route traffic** — use the header in your API gateway or proxy to apply per-sandbox rate limits, logging, or access policies +- **Audit agent behavior** — see exactly which external services each sandbox is calling + +## How it works + +A transparent proxy runs inside the sandbox and intercepts all outbound HTTP/HTTPS traffic. It injects an `X-Sandbox-ID` header into every request before forwarding it to the destination. The sandbox's CA certificate is automatically trusted so HTTPS works without any configuration in Python, Node.js, or any other runtime. + +Your code doesn't need to know the proxy exists — it works at the network level. + +## Usage + +Create a sandbox from the template. Every outbound request automatically includes the `X-Sandbox-ID` header. + + + +```typescript JavaScript & TypeScript +import { Sandbox } from 'e2b' + +const sbx = await Sandbox.create('sandbox-egress-header', { timeoutMs: 120_000 }) + +// Any outbound request from the sandbox will include X-Sandbox-ID +const result = await sbx.commands.run('curl -s https://httpbin.org/headers') +console.log(result.stdout) + +await sbx.kill() +``` + +```python Python +from e2b import Sandbox + +sbx = Sandbox.create("sandbox-egress-header", timeout=120) + +# Any outbound request from the sandbox will include X-Sandbox-ID +result = sbx.commands.run("curl -s https://httpbin.org/headers") +print(result.stdout) + +sbx.kill() +``` + + + +The response from httpbin.org shows the injected header: + +```json +{ + "headers": { + "Accept": "*/*", + "Host": "httpbin.org", + "X-Sandbox-Id": "i3sb4m2knepruowf004y7" + } +} +``` + +## Source code + +The full template source including the proxy addon, startup script, and build configuration is available on [GitHub](https://github.com/e2b-dev/template-examples).