Open Editor →

Network Access

Understand how Python Online handles outbound internet requests from your code, and the architectural differences between Free and Pro networking.

The Security Challenge

Allowing arbitrary code to run on a cloud server and make outbound network requests is an inherent security risk. Unrestricted platforms are often targeted by botnets to launch DDoS attacks, mine cryptocurrency, or scrape protected data anonymously.

To ensure the compute cluster remains highly available and strictly compliant with security standards, Python Online implements a tiered networking policy. Your ability to connect to external servers depends on your account tier.

Free Tier: The Secure Proxy

For Free users, all outbound traffic generated by your Python code (e.g., using the requests library or urllib) is forcibly routed through a highly restrictive Squid Proxy.

This proxy acts as a firewall between your execution container and the internet. It operates on a strict "Default Deny" policy, meaning all outbound connections are blocked unless explicitly allowed. The proxy maintains an internal whitelist of verified, safe domains.

What Happens When Blocked?

If your script attempts to connect to an external API (like api.example.com or a remote PostgreSQL database), the proxy intercepts and denies the request. In your Output console, you will see a traceback ending in a ProxyError or 403 Forbidden.

To assist with debugging, the Python Online execution engine injects a custom system hint directly into the error log, clearly explaining that the connection was blocked by the platform firewall.

Package Installation Note: While you can install thousands of packages from PyPI on the Free tier, some niche libraries attempt to download secondary assets (like C++ compiler files or language models) from unverified third-party domains during the pip install process. These secondary downloads will be blocked, causing the installation to fail.

Pro Tier: Direct Access

Professional engineering requires unrestricted connectivity. When you upgrade to a Pro Workstation, your environment is physically relocated to a dedicated container on our distributed mesh.

These persistent containers completely bypass the internal Squid Proxy. Your code is granted unrestricted, high-speed access to the global internet.

Pro Capabilities

  • Database Connectivity: Connect your applications directly to remote data stores like MongoDB Atlas, Supabase, AWS RDS, or PlanetScale.
  • API Integration: Make requests to any third-party REST API, GraphQL endpoint, or WebSocket service without whitelist constraints.
  • Web Scraping: Run tools like BeautifulSoup or Scrapy against live websites to gather data.
  • Complex Installations: Successfully compile and install massive libraries (like Machine Learning frameworks) that require fetching assets from custom registries or CDN endpoints.