From 3fa5c2cb148acc203761da755ba2dce95c46da5f Mon Sep 17 00:00:00 2001
From: "mintlify[bot]" <109931778+mintlify[bot]@users.noreply.github.com>
Date: Wed, 27 May 2026 03:39:25 +0000
Subject: [PATCH 1/2] docs: document per-host network rules and selector
callbacks
---
docs/sandbox/internet-access.mdx | 93 ++++++++++++++++++++++++++++++++
1 file changed, 93 insertions(+)
diff --git a/docs/sandbox/internet-access.mdx b/docs/sandbox/internet-access.mdx
index e6ba7123..e3fab2de 100644
--- a/docs/sandbox/internet-access.mdx
+++ b/docs/sandbox/internet-access.mdx
@@ -229,6 +229,99 @@ sandbox = Sandbox.create(
```
+### Per-host request transforms
+
+You can register per-host rules under `network.rules` to apply transforms (for example, inject HTTP headers) on outbound requests matching a host, CIDR, or IP. Rules are keyed by host and registering one does **not** grant egress on its own — the host must still be referenced via `allowOut`.
+
+The `transform.headers` object is sent on the wire as-is and injected by the egress proxy on matching HTTP/HTTPS requests.
+
+
+```js JavaScript & TypeScript
+import { Sandbox } from 'e2b'
+
+await Sandbox.create({
+ network: {
+ // Only allow egress to hosts that have rules registered.
+ allowOut: ({ rules }) => [...rules.keys()],
+ rules: {
+ 'api.openai.com': [
+ {
+ transform: {
+ headers: { 'X-Header': 'Content' },
+ },
+ },
+ ],
+ },
+ },
+})
+```
+```python Python
+from e2b import Sandbox
+
+sandbox = Sandbox(
+ network={
+ "allow_out": lambda ctx: list(ctx.rules.keys()),
+ "rules": {
+ "api.openai.com": [
+ {
+ "transform": {
+ "headers": {"X-Header": "Content"},
+ },
+ },
+ ],
+ },
+ },
+)
+```
+
+
+In JavaScript, `network.rules` accepts either a plain object or a `Map`:
+
+```js JavaScript & TypeScript
+const rules = new Map([
+ ['api.openai.com', [{ transform: { headers: { 'X-Trace': 'on' } } }]],
+])
+
+await Sandbox.create({
+ network: { allowOut: ({ rules }) => [...rules.keys()], rules },
+})
+```
+
+### Selector callbacks for `allowOut` and `denyOut`
+
+`allowOut` and `denyOut` accept either a static list (as shown above) or a **selector callback** that receives a context object — `{ allTraffic, rules }` in JavaScript and `ctx.all_traffic` / `ctx.rules` in Python. This lets you derive policies from the registered rule hosts without duplicating them, and provides a typed alternative to importing `ALL_TRAFFIC`.
+
+- `allTraffic` (JS) / `ctx.all_traffic` (Python) is the literal `'0.0.0.0/0'`.
+- `rules` is a `Map` (Python `Mapping`) view of `network.rules`.
+
+
+```js JavaScript & TypeScript
+import { Sandbox } from 'e2b'
+
+// Block all egress except an explicit allowlist
+await Sandbox.create({
+ network: {
+ denyOut: ({ allTraffic }) => [allTraffic], // allTraffic === '0.0.0.0/0'
+ allowOut: ['1.1.1.1', '8.8.8.0/24'],
+ },
+})
+```
+```python Python
+from e2b import Sandbox
+
+Sandbox(
+ network={
+ "deny_out": lambda ctx: [ctx.all_traffic],
+ "allow_out": ["1.1.1.1", "8.8.8.0/24"],
+ },
+)
+```
+
+
+
+The selector form (`({ allTraffic }) => [allTraffic]` / `lambda ctx: [ctx.all_traffic]`) is the recommended way to express "everything". The `ALL_TRAFFIC` constant is still exported for backward compatibility.
+
+
### Updating network settings on a running sandbox
You can update the network configuration of an already running sandbox using `updateNetwork` (JavaScript) or `update_network` (Python). This replaces the current egress rules with the provided configuration without restarting the sandbox.
From 804ec409f008ab0f91ddd66118927a270a7322bf Mon Sep 17 00:00:00 2001
From: Tomas Virgl <739690+tvi@users.noreply.github.com>
Date: Tue, 26 May 2026 21:02:16 -0700
Subject: [PATCH 2/2] fixes
---
docs/sandbox/internet-access.mdx | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/docs/sandbox/internet-access.mdx b/docs/sandbox/internet-access.mdx
index e3fab2de..b9fc1aee 100644
--- a/docs/sandbox/internet-access.mdx
+++ b/docs/sandbox/internet-access.mdx
@@ -231,7 +231,7 @@ sandbox = Sandbox.create(
### Per-host request transforms
-You can register per-host rules under `network.rules` to apply transforms (for example, inject HTTP headers) on outbound requests matching a host, CIDR, or IP. Rules are keyed by host and registering one does **not** grant egress on its own — the host must still be referenced via `allowOut`.
+You can register per-host rules under `network.rules` to apply transforms (for example, inject HTTP headers) on outbound requests matching a host. Rules are keyed by host and registering one does **not** grant egress on its own — the host must still be referenced via `allowOut`.
The `transform.headers` object is sent on the wire as-is and injected by the egress proxy on matching HTTP/HTTPS requests.
@@ -244,7 +244,7 @@ await Sandbox.create({
// Only allow egress to hosts that have rules registered.
allowOut: ({ rules }) => [...rules.keys()],
rules: {
- 'api.openai.com': [
+ 'api.example.com': [
{
transform: {
headers: { 'X-Header': 'Content' },
@@ -258,11 +258,11 @@ await Sandbox.create({
```python Python
from e2b import Sandbox
-sandbox = Sandbox(
+sandbox = Sandbox.create(
network={
"allow_out": lambda ctx: list(ctx.rules.keys()),
"rules": {
- "api.openai.com": [
+ "api.example.com": [
{
"transform": {
"headers": {"X-Header": "Content"},
@@ -279,7 +279,7 @@ In JavaScript, `network.rules` accepts either a plain object or a `Map`:
```js JavaScript & TypeScript
const rules = new Map([
- ['api.openai.com', [{ transform: { headers: { 'X-Trace': 'on' } } }]],
+ ['api.example.com', [{ transform: { headers: { 'X-Trace': 'on' } } }]],
])
await Sandbox.create({
@@ -309,7 +309,7 @@ await Sandbox.create({
```python Python
from e2b import Sandbox
-Sandbox(
+Sandbox.create(
network={
"deny_out": lambda ctx: [ctx.all_traffic],
"allow_out": ["1.1.1.1", "8.8.8.0/24"],