fix(e2e): revert FWD-2 to expect 403 without implicit allowed_ips fix

johntmyers · johntmyers · commit 2df59b96f161 · 2026-03-24T10:48:36.000-07:00
The implicit allowed_ips fix is in PR #570, not this branch. FWD-2 must expect 403 until that fix is merged. The OVL-1 and OVL-2 tests (overlapping policies) are independent and remain unchanged.
diff --git a/e2e/python/test_sandbox_policy.py b/e2e/python/test_sandbox_policy.py
@@ -1393,21 +1393,20 @@ def test_forward_proxy_allows_private_ip_with_allowed_ips(
         )
 
 
-def test_forward_proxy_allows_private_ip_host_without_allowed_ips(
+def test_forward_proxy_denied_without_allowed_ips(
     sandbox: Callable[..., Sandbox],
 ) -> None:
-    """FWD-2: Forward proxy to literal IP host without allowed_ips -> 200.
+    """FWD-2: Forward proxy to private IP without allowed_ips -> 403.
 
-    When the policy host field is a literal IP address, the user has explicitly
-    declared intent to allow that destination.  The SSRF guard synthesizes an
-    implicit allowed_ips entry, so explicit allowed_ips is not required.
+    Even though the endpoint matches, forward proxy requires explicit
+    allowed_ips on the endpoint.
     """
     policy = _base_policy(
         network_policies={
             "internal_http": sandbox_pb2.NetworkPolicyRule(
                 name="internal_http",
                 endpoints=[
-                    # No allowed_ips — but host is a literal IP, so implicit
+                    # No allowed_ips — forward proxy should be denied
                     sandbox_pb2.NetworkEndpoint(
                         host=_SANDBOX_IP,
                         port=_FORWARD_PROXY_PORT,
@@ -1420,15 +1419,16 @@ def test_forward_proxy_allows_private_ip_host_without_allowed_ips(
     spec = datamodel_pb2.SandboxSpec(policy=policy)
     with sandbox(spec=spec, delete_on_exit=True) as sb:
         result = sb.exec_python(
-            _forward_proxy_with_server(),
-            args=(_PROXY_HOST, _PROXY_PORT, _SANDBOX_IP, _FORWARD_PROXY_PORT),
+            _forward_proxy_raw(),
+            args=(
+                _PROXY_HOST,
+                _PROXY_PORT,
+                f"http://{_SANDBOX_IP}:{_FORWARD_PROXY_PORT}/test",
+            ),
         )
         assert result.exit_code == 0, result.stderr
-        assert "200" in result.stdout, (
-            f"Expected 200 for literal IP host, got: {result.stdout}"
-        )
-        assert "forward-proxy-ok" in result.stdout, (
-            f"Expected response body relayed, got: {result.stdout}"
+        assert "403" in result.stdout, (
+            f"Expected 403 without allowed_ips, got: {result.stdout}"
         )
 
 
