From 79be3299b331dc476e70554d585f2b420fde6535 Mon Sep 17 00:00:00 2001 From: viyatb-oai Date: Fri, 1 May 2026 18:11:08 -0700 Subject: [PATCH] fix: keep proxy feature gated by network access Co-authored-by: Codex noreply@openai.com --- codex-rs/core/src/config/config_tests.rs | 33 ++++++++++++------------ codex-rs/core/src/config/mod.rs | 2 +- codex-rs/core/src/config/permissions.rs | 4 +-- 3 files changed, 20 insertions(+), 19 deletions(-) diff --git a/codex-rs/core/src/config/config_tests.rs b/codex-rs/core/src/config/config_tests.rs index f78e572af5..8dea1ae7c5 100644 --- a/codex-rs/core/src/config/config_tests.rs +++ b/codex-rs/core/src/config/config_tests.rs @@ -839,8 +839,7 @@ async fn permissions_profiles_proxy_policy_does_not_start_managed_network_proxy_ } #[tokio::test] -async fn network_proxy_feature_starts_proxy_without_enabling_sandbox_network() -> std::io::Result<()> -{ +async fn network_proxy_feature_is_no_op_without_sandbox_network() -> std::io::Result<()> { let codex_home = TempDir::new()?; let cwd = TempDir::new()?; let config = Config::load_from_base_config_with_overrides( @@ -860,13 +859,10 @@ async fn network_proxy_feature_starts_proxy_without_enabling_sandbox_network() - config.permissions.network_sandbox_policy(), NetworkSandboxPolicy::Restricted ); - let network = config - .permissions - .network - .as_ref() - .expect("network_proxy should start the managed network proxy"); - assert_eq!(network.proxy_host_and_port(), "127.0.0.1:3128"); - assert!(network.socks_enabled()); + assert!( + config.permissions.network.is_none(), + "network_proxy should not start the managed network proxy while network access is off" + ); Ok(()) } @@ -1004,7 +1000,7 @@ async fn network_proxy_feature_matrix_preserves_sandbox_network_semantics() -> s ); assert_eq!( config.permissions.network.is_some(), - case.proxy_enabled, + case.network_enabled && case.proxy_enabled, "{}", case.name ); 
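Review bot: In the matrix test hunk (`@@ -1004,7 +1000,7 @@`), the expected value `case.network_enabled && case.proxy_enabled` restates the production gate added in mod.rs, so the assertion would still pass if both expressions shared the same mistake. An explicit per-case expectation, for example a field `expect_managed_proxy: bool` checked with `assert_eq!(config.permissions.network.is_some(), case.expect_managed_proxy, "{}", case.name);`, would pin each row independently. It would also make the restricted-network rows visibly assert that no proxy is started. The case table is outside this hunk, so the field would have to be added there.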
@@ -1017,6 +1013,15 @@ async fn network_proxy_feature_matrix_preserves_sandbox_network_semantics() -> s async fn network_proxy_cli_overrides_merge_toggle_with_proxy_config() -> std::io::Result<()> { let codex_home = TempDir::new()?; let cwd = TempDir::new()?; + std::fs::write( + codex_home.path().join(CONFIG_TOML_FILE), + r#" +sandbox_mode = "workspace-write" + +[sandbox_workspace_write] +network_access = true +"#, + )?; let config = ConfigBuilder::without_managed_config_for_tests() .codex_home(codex_home.path().to_path_buf()) .cli_overrides(vec![ @@ -1024,10 +1029,6 @@ async fn network_proxy_cli_overrides_merge_toggle_with_proxy_config() -> std::io "features.network_proxy.enabled".to_string(), toml::Value::Boolean(true), ), - ( - "features.network_proxy.proxy_url".to_string(), - toml::Value::String("http://127.0.0.1:43128".to_string()), - ), ( "features.network_proxy.enable_socks5".to_string(), toml::Value::Boolean(false), @@ -1042,14 +1043,14 @@ async fn network_proxy_cli_overrides_merge_toggle_with_proxy_config() -> std::io assert_eq!( config.permissions.network_sandbox_policy(), - NetworkSandboxPolicy::Restricted + NetworkSandboxPolicy::Enabled ); let network = config .permissions .network .as_ref() .expect("network_proxy should start the managed network proxy"); - assert_eq!(network.proxy_host_and_port(), "127.0.0.1:43128"); + assert_eq!(network.proxy_host_and_port(), "127.0.0.1:3128"); assert!(!network.socks_enabled()); Ok(()) } diff --git a/codex-rs/core/src/config/mod.rs b/codex-rs/core/src/config/mod.rs index 304d20f710..9f0a4ca18b 100644 --- a/codex-rs/core/src/config/mod.rs +++ b/codex-rs/core/src/config/mod.rs @@ -2521,7 +2521,7 @@ impl Config { None, ) }; - if enable_network_proxy { + if enable_network_proxy && permission_profile.network_sandbox_policy().is_enabled() { if let Some(network_proxy) = network_proxy_toml_config(cfg.features.as_ref()) { apply_network_proxy_feature_config( &mut configured_network_proxy_config, 
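Review bot: With the `features.network_proxy.proxy_url` override removed and the expectation changed to `127.0.0.1:3128`, the address assertion in `network_proxy_cli_overrides_merge_toggle_with_proxy_config` now matches what appears to be the default address (the same value the earlier no-op test used to assert). Only `enable_socks5 = false` still shows that proxy settings from CLI overrides are merged. If the override was dropped for a reason unrelated to the new gate, keeping a non-default `proxy_url` alongside the new `network_access = true` fixture would preserve that coverage. Otherwise a short comment next to the overrides, such as `// proxy_url stays at its default; the socks toggle is what proves the merge`, would record the intent.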
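Review bot: The new condition `enable_network_proxy && permission_profile.network_sandbox_policy().is_enabled()` makes `features.network_proxy.enabled = true` a silent no-op when sandbox network access is off, and nothing at the `if` says why. A comment above it, for example `// The managed proxy only mediates network access the sandbox already grants; under a restricted policy the feature is deliberately a no-op.`, would keep a later edit from dropping the second operand. It is also worth confirming that `permission_profile` already holds the final effective policy at this point, since the gate is evaluated once here; the enclosing function starts and ends outside the hunk, so the diff alone cannot show this. A debug-level log on the skipped path would help anyone who enabled the feature and sees no proxy.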
diff --git a/codex-rs/core/src/config/permissions.rs b/codex-rs/core/src/config/permissions.rs index 2bb1f0752b..6b6021ad34 100644 --- a/codex-rs/core/src/config/permissions.rs +++ b/codex-rs/core/src/config/permissions.rs @@ -118,8 +118,8 @@ pub(crate) fn network_proxy_config_from_profile_network( NetworkToml::to_network_proxy_config, ); // Profile `network.enabled` controls sandbox network access. Profiles may - // provide proxy settings for the feature gate to consume, but they do not - // start the managed proxy on their own. + // provide proxy settings for the feature gate to consume when that network + // access is enabled, but they do not start the managed proxy on their own. config.network.enabled = false; config }
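Review bot: The reworded comment uses `network.enabled` for the profile setting, while the next line writes `config.network.enabled = false` on the proxy config; these look like two different flags with the same name. A reader can take the assignment as turning sandbox network access off. Consider adding one more comment line directly above the assignment, such as `// This is the proxy config's own enabled flag, forced off here; only the feature gate may turn it on.`, provided that matches how `apply_network_proxy_feature_config` treats it (not visible in this hunk).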