Codex additional allowed domains doesn't work

Marlon_Patrick · June 22, 2025, 5:57pm

My Codex Enviroment config:

Agent internet access: On
Domain allowlist: common dependencies
Additional allowed domains: fonts . googleapis . com, fonts . gstatic . com, googleapis . com, gstatic . com, www . googleapis . com, themes . googleusercontent . com, ajax . googleapis . com

Even with that config, codex continue not allowed to connect to Google Fonts, and then, my Next.js build fails.

Can anyone help-me with this?

blurryRobot · October 24, 2025, 4:25am

I have the same problem. did you ever figure it out?

TironWisp · October 24, 2025, 8:54am

I’ve run into the same issue — even with the domains explicitly listed in the allowlist, Codex still blocks connections to Google Fonts and other googleapis endpoints. It seems the “Additional allowed domains” setting doesn’t fully override the default restrictions yet.

For now, a workaround is to disable external font fetching in your Next.js config and use locally hosted fonts instead. Not ideal, but it keeps the build from failing. Hopefully OpenAI will address this limitation in a future update so the allowlist behaves as expected.

OpenAI_Support · January 28, 2026, 11:31am

Hey everyone,

This confuses a lot of folks up because Next.js doesn’t just hit one Google domain for fonts. A typical Google Fonts load actually goes to two different hosts:

fonts.googleapis.com → serves the CSS

fonts.gstatic.com → serves the actual font files referenced by that CSS

If either of those isn’t allowlisted exactly, the build will fail — even if you think you’ve already “allowed googleapis”.

Codex is pretty strict here. When Internet access is On, outbound traffic is still filtered by the domain allowlist, and only domains that match exactly are permitted. You can extend this list when using “Common dependencies”, but the hostnames have to be correct (no spaces, no scheme, exact match).

Docs: https://platform.openai.com/docs/codex/environment#internet-access

How to fix

In Codex Environment → Additional allowed domains, add these exactly:

fonts.googleapis.com

fonts.gstatic.com

Also double-check that your Allowed HTTP methods include at least GET (and ideally HEAD / OPTIONS). Codex will block requests that use methods outside the allowed set.

Docs: https://platform.openai.com/docs/codex/environment#network-controls

After saving the environment settings, re-run the build in Codex. If you don’t want your build to depend on external network calls at all, the cleanest workaround is to self-host your fonts. Download them into your repo and use next/font/local instead of next/font/google.

Topic		Replies	Views
Codex internet access not working Codex codex	3	1843	September 2, 2025
Codex with ‘unrestricted internet access’ are still hard-blocked by an internal allowlist — please fix this! Codex CLI codex , chatgpt , plugin-development , api	0	348	October 17, 2025
Randomly blocked Internet Access in Codex despite unrestricted-Access Setting Codex codex , bug	3	802	July 21, 2025
Codex cloud agent unable to install pnpm dependencies Codex codex	18	4485	June 5, 2025
Codex Terminal Persistent Failure - DNS Resolution Issue with oaiusercontent.com Domain (Months-Long Problem) Codex codex	0	610	September 22, 2025

Codex additional allowed domains doesn't work

Related topics