Enable canisters to make HTTP(S) requests

Update

Using the opportunity of a short interruption of my hiking vacation to give you an update.

The feature is now code complete and waiting for its documentation to be finalized and some infrastructure configuration changes to be done before we can release it. Those infrastructure changes are required in order to prevent canisters from trying to access ports of internal services (e.g., logging) that are accessible from replicas (and thereby would be accessible also from canisters, and not just replicas, with this feature becoming available). For according security, to prevent this access already at the networking level and not rely solely on access control within the feature, this needs to be addressed. Thus, in the spirit of a defense-in-depth design principle, the feature is blocked on those infrastructure changes.

Security is a primary concern, hope you all understand this! We hope to be close to the most recent plan of launching the feature be end of July 2022. Maybe it slips a little into August, depending on the effort to make the infrastructure changes.

14 Likes