@aaronvg aaronvg commented Oct 3, 2025

Pull Request Template

Thanks for taking the time to fill out this pull request!

Issue Reference

Please link to any related issues

  • This PR fixes/closes #[issue number]

Changes

Please describe the changes proposed in this pull request

This PR enables disabling TLS certificate verification (curl -k equivalent) for LLM API calls, specifically in WASM environments, by allowing DANGER_ACCEPT_INVALID_CERTS to be passed via per-request env_vars.

Previously, danger_accept_invalid_certs was only configurable via global std::env and was not available in WASM.

Key Changes:

  • Introduced create_client_with_env in engine/baml-runtime/src/request/mod.rs to build reqwest::Client instances, accepting a HashMap<String, String> for environment variables. This allows DANGER_ACCEPT_INVALID_CERTS to be read from the provided map, enabling TLS bypass in both WASM and non-WASM contexts.
  • Updated all LLM client constructors (OpenAI, Anthropic, Google, Vertex) to use create_client_with_env(ctx.env_vars()).
  • Modified the AWS Bedrock client's custom HTTP client to accept and utilize the env_vars map when building its internal reqwest::Client.

Testing

Please describe how you tested these changes

  • Unit tests added/updated (Existing unit tests in engine/baml-runtime were run and passed.)
  • Manual testing performed (To test, include "DANGER_ACCEPT_INVALID_CERTS": "1" in the env_vars map passed to the runtime for a specific call.)
  • Tested in [environment]

Screenshots

If applicable, add screenshots to help explain your changes

[Add screenshots here...]

PR Checklist

Please ensure you've completed these items

  • I have read and followed the contributing guidelines
  • My code follows the style guidelines of this project
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings

Additional Notes

Add any other context about the PR here

Security Warning: Disabling certificate verification exposes you to Man-in-the-Middle (MITM) attacks. This feature should only be used in trusted development or testing environments.




Note

Add env-driven create_client_with_env and plumb env_vars through Anthropic, OpenAI, GoogleAI, Vertex, and AWS Bedrock to allow disabling TLS verification per request.

  • Runtime HTTP client:
    • Introduce request::create_client_with_env and builder_with_env to read DANGER_ACCEPT_INVALID_CERTS from provided env map (WASM and non-WASM).
  • LLM clients:
    • Anthropic (anthropic_client.rs), OpenAI (openai_client.rs), GoogleAI (googleai_client.rs), Vertex (vertex_client.rs): construct HTTP clients with create_client_with_env(ctx.env_vars()).
    • OpenAI dynamic constructors updated via macro to pass ctx.env_vars().
  • AWS Bedrock:
    • custom_http_client.rs: add client_with_env(...) using create_client_with_env.
    • aws_client.rs: thread env into client_anyhow(...) and use custom_http_client::client_with_env(env); call sites pass ctx.runtime_context().env_vars().

Written by Cursor Bugbot for commit e4da0fd. This will update automatically on new commits.
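An added example, not code from this PR or the BAML project: one way a caller could enforce the description's "trusted development or testing environments" restriction before honouring the per-request flag. The `TlsPolicy` type, the `tls_policy` and `is_dev_host` functions, the rule that only `"1"` enables the flag, and the definition of a development host as localhost, loopback or RFC 1918 addresses are all assumptions made for illustration.

```rust
use std::collections::HashMap;
use std::net::IpAddr;

const FLAG: &str = "DANGER_ACCEPT_INVALID_CERTS";

/// Decision for one request (hypothetical type, not from the PR).
#[derive(Debug, PartialEq)]
pub enum TlsPolicy {
    Verify,           // normal certificate validation
    SkipVerification, // flag honoured: caller should log a warning
    Rejected(String), // flag set but not allowed: fail the request
}

/// Assumption: "development" means localhost, loopback or RFC 1918 addresses.
fn is_dev_host(host: &str) -> bool {
    if host.eq_ignore_ascii_case("localhost") {
        return true;
    }
    match host.parse::<IpAddr>() {
        Ok(IpAddr::V4(v4)) => v4.is_loopback() || v4.is_private(),
        Ok(IpAddr::V6(v6)) => v6.is_loopback(),
        Err(_) => false,
    }
}

/// Reads the flag only from the per-request map, never from std::env.
pub fn tls_policy(env_vars: &HashMap<String, String>, host: &str) -> TlsPolicy {
    match env_vars.get(FLAG).map(|v| v.trim()) {
        None | Some("") | Some("0") => TlsPolicy::Verify,
        Some("1") if is_dev_host(host) => TlsPolicy::SkipVerification,
        Some("1") => TlsPolicy::Rejected(format!("{FLAG} not allowed for host {host}")),
        Some(other) => TlsPolicy::Rejected(format!("unrecognised {FLAG} value {other:?}")),
    }
}

fn main() {
    // Constructed sample input: one request env map, three target hosts.
    let env = HashMap::from([(FLAG.to_string(), "1".to_string())]);
    for host in ["localhost", "10.0.0.5", "api.example.com"] {
        println!("{host}: {:?}", tls_policy(&env, host));
    }
}
```

Only the `SkipVerification` outcome would lead to building a client with verification disabled; a `Rejected` outcome fails the request instead of silently falling back in either direction.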

@aaronvg aaronvg temporarily deployed to boundary-tools-dev October 3, 2025 18:17 — with GitHub Actions Inactive

let properties =
properties::resolve_properties(&client.provider, &client.unresolved_options()?, ctx)?;
make_openai_client!(client, properties, "openai", dynamic)
make_openai_client!(client, properties, "openai", dynamic, ctx.env_vars())
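Review bot: on the changed `make_openai_client!` call, the per-request `ctx.env_vars()` map now decides whether certificate verification is skipped for this client, and nothing at this call site records that it happened. Consider emitting a warning whenever DANGER_ACCEPT_INVALID_CERTS is honoured and documenting which values enable it (the description's manual test uses "1"), so that an unexpected or malformed value falls back to normal verification rather than disabling it.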

Bug: OpenAI Client Macro Ignores Env Variable

The non-dynamic make_openai_client! macro variant still uses create_client() instead of create_client_with_env(). This prevents non-dynamic OpenAI clients from respecting the DANGER_ACCEPT_INVALID_CERTS environment variable, creating inconsistent behavior with dynamic clients.

@aaronvg aaronvg changed the title Allow insecure requests for llm apis Allow insecure requests for llm apis in the playground using DANGER_ACCEPT_INVALID_CERTS Oct 3, 2025