I hope this is the right place to ask… Does anyone know if xblocks hosted on edx.org are allowed to make https requests to remote hosts? More specifically, the request would originate from python code on the server using the requests library.
If this is not the right place to ask, could someone please point me in the right direction? Thanks.
Hi @DerekRhodes,
If you are developing your own xblock, you could very well use requests to create https requests to remote hosts.
Now, after your xblock code is deployed to a particular installation of open edX then the operators of said instance would need to allow for your request to find a network path to the remote hosts. By this I mean that it is up to the networking of the instance where you xblock is hosted to determine if the https request is allowed to leave the host and go to the internet.
With regards to the specifics of edx.org, I do not know if they block or allow this kinds of requests. Normally, most small installations would not bother creating an allowlist for this and would permit every kind of request, but given the size of edx.org they might have different rules for that.
Felipe, thank you for answering my question, that gives me more reassurance than I had. It looks like I will need to submit the xblock to their security checks and hope for the best!