コンテンツにスキップ

Custom Preview Proxy

View as Markdown

このコンテンツはまだ日本語訳がありません。

Daytona provides a preview proxy service that can be used to handle preview URLs for sandboxes. This gives you full control over the preview experience, including custom domains, authentication, error handling, and styling.

  • Custom domain: host your proxy under your own domain (e.g., preview.yourcompany.com)
  • User authentication: implement custom authentication logic for private previews
  • Sandbox management: automatically start stopped sandboxes before forwarding users
  • Custom error pages: style error pages to match your brand
  • Preview warning control: disable Daytona’s preview warning
  • CORS management: override Daytona’s default CORS settings

How it works

When a user visits a preview URL, your custom proxy receives the request and can:

  1. Authenticate the user using custom logic
  2. Check sandbox status and start it if needed
  3. Forward the request to the actual sandbox
  4. Handle responses with custom styling and error pages
  5. Send custom headers to control Daytona’s behavior

Your proxy should forward the X-Forwarded-Host header with the original request host when proxying requests to Daytona.

WebSocket support

The preview proxy fully supports WebSocket connections. WebSocket upgrade requests (Upgrade: websocket) are automatically detected and proxied. WebSocket connections skip the preview warning page.

Reserved ports

The following ports are reserved for internal services and always require authentication, even on public sandboxes:

PortService
22222Web terminal
2280Toolbox (IDE/development interface)
33333Recording dashboard

Your custom proxy should avoid exposing these ports unless you explicitly need access to these services.

Proxy headers

Your proxy can send special headers to control Daytona’s behavior.

Disable preview warning

To disable Daytona’s preview warning page, send:

X-Daytona-Skip-Preview-Warning: true

The warning page is only shown to browser requests. It sets a daytona-preview-page-accepted cookie that persists for 24 hours after acceptance.

Disable CORS

Daytona’s default CORS policy allows all origins with credentials. To override this and use your own CORS settings, send:

X-Daytona-Disable-CORS: true

Disable last activity update

To prevent sandbox last activity updates when previewing, set the X-Daytona-Skip-Last-Activity-Update header to true. This prevents Daytona from keeping sandboxes that have auto-stop enabled in a started state:

Terminal window
curl -H "X-Daytona-Skip-Last-Activity-Update: true" \
  https://3000-sandbox-123456.proxy.daytona.work

Authentication

For private preview links, send:

X-Daytona-Preview-Token: {sandboxToken}

The sandboxToken can be fetched through the Daytona SDK or API using the standard preview URL methods.

Examples

Examples of custom preview proxies are available on GitHub.