Setup Visual Studio Code’s Network Connection
Visual Studio Code is built on top of Electron and benefits from all the networking stack capabilities of Chromium. This also means that VS Code users get much of the networking support available in Google Chrome.
Common hostnames
A handful of features within VS Code require network communication to work, such as the auto-update mechanism, querying and installing extensions, and telemetry. For these features to work properly in a proxy environment, you must have the product correctly configured.
If you are behind a firewall that needs to allow specific domains used by VS Code, here’s the list of hostnames you should allow communication to go through:
– Visual Studio Code download and update server
– Visual Studio Code documentation
– Microsoft link forwarding service
– Visual Studio Code blob storage, used for remote server
– Visual Studio Marketplace
* – Visual Studio Marketplace
– Crash reporting service
– In-product settings search
– GitHub repository raw file access
– Visual Studio Marketplace badge service
– Visual Studio Code download CDN
– Visual Studio download server, provides dependencies for some VS Code extensions (C++, C#)
– Visual Studio Code Settings Sync service
– Visual Studio Code Settings Sync service (Insiders)
Proxy server support
VS Code has exactly the same proxy server support as Google Chromium. Here’s a snippet from Chromium’s documentation:
“The Chromium network stack uses the system network settings so that users and administrators can control the network settings of all applications easily. The network settings include:
– proxy settings
– SSL/TLS settings
– certificate revocation check settings
– certificate and private key stores”
This means that your proxy settings should be picked up automatically.
Otherwise, you can use the following command-line arguments to control your proxy settings:
# Disable proxy
–no-proxy-server
# Manual proxy address
–proxy-server=
# Manual PAC address
–proxy-pac-url=
–proxy-bypass-list=(
To learn more about these command-line arguments, see Chromium Network Settings.
Authenticated proxies
Authenticated proxies should work seamlessly within VS Code with the addition of PR #22369.
The authentication methods supported are:
Basic
Digest
NTLM
Negotiate
When using VS Code behind an authenticated HTTP proxy, the following authentication popup should appear:
Note that SOCKS5 proxy authentication support isn’t implemented yet; you can follow the issue in Chromium’s issue tracker.
See Chromium HTTP authentication to read more about HTTP proxy authentication within VS Code.
SSL certificates
Often HTTPS proxies rewrite SSL certificates of the incoming requests. Chromium was designed to reject responses which are signed by certificates which it doesn’t trust. If you hit any SSL trust issues, there are a few options available for you:
Since Chromium uses the OS’s certificate trust infrastructure, the preferred option is to add your proxy’s certificate to your OS’s trust chain. See the Chromium Root Certificate Policy documentation to learn more.
If your proxy runs in localhost, you can always try the –allow-insecure-localhost command-line flag.
If all else fails, you can tell VS Code to ignore all certificate errors using the –ignore-certificate-errors command-line flag. Warning: This is dangerous and not recommended, since it opens the door to security issues.
Legacy proxy server support
Extensions don’t benefit yet from the same proxy support that VS Code supports. You can follow this issue’s development in GitHub.
Similarly to extensions, a few other VS Code features don’t yet fully support proxy networking, namely the CLI interface. The CLI interface is what you get when running code –install-extension from a command prompt or terminal. You can follow this issue’s development in GitHub.
Due to both of these constraints, the, oxyStrictSSL and oxyAuthorization variables are still part of VS Code’s settings, yet they are only respected in these two scenarios.
Troubleshooting
Here are some helpful links that might help you troubleshoot networking issues in VS Code:
Network Settings
Debugging problems with the network proxy
Configuring a SOCKS proxy server in Chrome
Proxy settings and fallback (Windows)
10/7/2021
How to specify a user id and password for … – Stack Overflow
How to specify a user id and password for Visual Studio Code with an authenticating proxy?
I’ve seen the Proxy Server Support on the main VS Code site, but this only mentions two settings…
“”: ”
“oxyStrictSSL”: false
I’ve set these, but still no luck, e. g. I can’t install extensions… can’t even get a list of them
I suspect it’s our proxy, as it needs a user id and password:-(
So how can you set these values?
asked Jun 9 ’16 at 15:19
2
Set credentials inside the proxy url:
username:password@10. 203. 0. 1:5187/
WARNING: Setting your password in plaintext in a file can easily lead to your account being compromised. Further it might violate your companies data security guidelines.
answered Jun 9 ’16 at 15:27
OscarOscar12. 8k7 gold badges42 silver badges65 bronze badges
3
If you don’t want to store your credentials in the settings file, fiddler can be used to proxy the call to the proxy. Furthermore, I believe the above only works for proxy servers using basic authentication, the following should work for NTLM.
VSCode Open Settings File:%APPDATA%\Code\User\
add the following:
{
“”: “,
“oxyStrictSSL”: false}
Fiddler Confirm fiddler settings:
Fiddler Ensure Fiddler set to automatically authenticate:
VSCode Extensions should now be online:
Update
This is now no longer required following implementation of PR #22369 which was implemented in version 1. 15 Proxy server authentication.
In my case I still needed to add:
answered Jul 27 ’16 at 7:43
David MartinDavid Martin10. 9k1 gold badge51 silver badges69 bronze badges
My favorite response here is David Martin’s suggestion of using Fiddler. But in case that is not something you want to undertake, below is how to set your credentials for the proxy.
To specify DOMAIN + username + password: (It will likely not work with a slash, so use%5C in the place of the slash as shown below)
// The proxy setting to use. If not set will be taken from the _proxy and _proxy environment variables
“”: “DOMAIN%5Cusername:password@proxy_name_or_ip:port”,
// Whether the proxy server certificate should be verified against the list of supplied CAs.
“oxyStrictSSL”: false,
To specify just username + password:
“”: “username:password@proxy_name_or_ip:port”,
answered Oct 15 ’16 at 0:09
TolgaTolga1, 7831 gold badge17 silver badges16 bronze badges
The venerable CNTLM could help you. You give it your credentials, tell it about the upstream proxy, run it on your local machine, then point VS to the proxy at localhost:3128.
It’s a handy solution for any application that doesn’t support authenticated proxies.
answered Jan 30 ’19 at 10:44
batwadbatwad3, 4981 gold badge23 silver badges36 bronze badges
I really like the solution David Martin posted (further below) using Fiddler, however I wanted to figure out how to use oxyAuthorization and here is my solution considering you are OK to have credentials saved in base64 encoded format in the file.
WARNING: Saving credentials in base64 encoded format is certainly better than plain text, however consider base64 encoding as obfuscation not an encryption and the account can still be compromised – use at your own risk. Consider modifying the ACL of the settings file to reduce read access to it.
Step 1: Encode your credentials using the code below:
var s = @”DOMAIN\user:pass”;
var bytes = (s);
Console. WriteLine(Base64String(bytes));
RE9NQUlOXHVzZXI6cGFzcw==
Step 2: Update VS Code settings by adding oxyAuthorization using the base64 encoded value from above:
“oxyAuthorization”: “Authorization: Basic RE9NQUlOXHVzZXI6cGFzcw==”}
Step 3: Secure the by updating it’s ACL
Since you have stored credentials in the file to increase the security you can modify the ACL of the settings file by removing the local administrators group – make sure only you can read this file. I used the following PowerShell script to remove the local admin group for example:
$settings = “$env:appdata\Code\$env:username\”
