Outgoing requests from streamlit cloud: blacklist? whitelist?

What, if any, are the restrictions on making requests to other websites from an app deployed on streamlit cloud? Is there for example a blacklist or whitelist that regulates which domains an app can access?

I know that some other free hosting services (for example PythonAnywhere) place some restrictions on the use of their service for accessing third-party sites (see here) but I do not see anything like this in the ToS for streamlit cloud, or in the forums.

The context is that I would like to create an app that uses the requests package to retrieve and reformat information from an external site when the user enters a URL. And I want to make sure that this is a legitimate use of the service.


Hi @pickleherring, welcome to the Streamlit community!

In general, no, Streamlit Cloud isn’t placing (too many) restrictions on external traffic (outside of what Google Cloud might provide as a default service). In general, if you aren’t breaking the laws of the United States or the locale in which you reside, then generally what you are accessing shouldn’t be an issue.

The biggest thing that Streamlit Cloud monitors is users try to use Streamlit Cloud to generate cryptocurrency or other resource-intensive uses far in excess of what a “normal” demonstration Streamlit app should use (however we decide to define that privately). The Community tier is provided as a shared-resource for the benefit of the community, and we will prioritize providing the service to as many users as possible vs. providing unlimited resources for free.

Of course, if you upgrade to one of our paid tiers, then you will have some level of guaranteed resources allocated.


Thanks for the prompt reply Randy! I had in mind an app that would make a handful of requests per user hit. So probably nothing like as intensive as currency mining, NFTs, other silly stuff. I’ll give my app a go and see whether it works out.

1 Like