Allow global network allowlist wildcard#15549
Open
rreichel3-oai wants to merge 4 commits intomainfrom
Open
Conversation
Update network-proxy glob compilation and validation so the global * wildcard is accepted for allowed_domains but still rejected for denied_domains. Add host-policy and config-state tests covering denylist-only behavior with a global allowlist wildcard, and refresh the network-proxy README to document the new mode.
Add a network-proxy regression test that starts from allowed_domains = ["*"], adds a new denied host that has no exact allowlist entry, and verifies the host is then blocked while the global allowlist remains.
Use allowlist- and denylist-specific glob compilation helpers instead of a positional boolean, and keep wildcard rejection validation only on the denylist path.
rreichel3-oai
commented
Mar 23, 2026
| } | ||
|
|
||
| #[tokio::test] | ||
| async fn host_blocked_global_wildcard_allowlist_allows_public_hosts_except_denylist() { |
Author
There was a problem hiding this comment.
@bolinfest this test confirms this usecase functions as expected!
bolinfest
approved these changes
Mar 23, 2026
codex-rs/network-proxy/src/policy.rs
Outdated
| for pattern in patterns { | ||
| ensure!( | ||
| !is_global_wildcard_domain_pattern(pattern), | ||
| matches!(global_wildcard, GlobalWildcard::Allow) |
Collaborator
There was a problem hiding this comment.
Can we deMorgan this to:
if global_wildcard == GlobalWildcard::Reject && is_global_wildcard_domain_pattern(pattern) {
return Err(...)
}Because then it's clearer that the error message follows from the condition.
Apply review feedback in network-proxy glob compilation by spelling the reject case as an explicit if/return Err branch instead of a negated ensure condition.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
Today
codex-network-proxyrejects a global*innetwork.allowed_domains, so there is no static way to configure a denylist-only posture for public hosts. Users have to enumerate broad allowlist patterns instead.Approach
allowed_domainscan use*, whiledenied_domainsstill rejects a global wildcard.Validation
just fmtcargo test -p codex-network-proxy(full run had one unrelated flaky telemetry test:network_policy::tests::emit_block_decision_audit_event_emits_non_domain_event; reran in isolation and it passed)cargo test -p codex-network-proxy network_policy::tests::emit_block_decision_audit_event_emits_non_domain_event -- --exact --nocapturejust fix -p codex-network-proxyjust argument-comment-lint