Security Configuration

The [security] section controls SSRF protection, origin allowlisting, and rate limiting for render requests.

TOML Example

[security]
allowed_origins = []
block_private_cidrs = true
rate_limit_per_domain = 10
rate_limit_per_ip = 0

Parameters

Parameter              Type              Default  Description
allowed_origins        Array of Strings  []       Restrict rendering to specific origin domains. Empty = allow all
block_private_cidrs    Boolean           true     Block requests to private/internal IP ranges (SSRF protection)
rate_limit_per_domain  Integer           10       Maximum render requests per second per target domain
rate_limit_per_ip      Integer           0        Maximum render requests per second per client IP. 0 = disabled

Detailed Explanation

allowed_origins

When set, PRISM only renders pages whose origin matches one of the listed domains. Requests for other origins are rejected. When empty (default), rendering is allowed for any origin.

[security]
allowed_origins = ["https://example.com", "https://staging.example.com"]
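The following is an added example, not PRISM's own code, showing the matching rule a defender should expect from an origin allowlist: an empty list admits everything, and otherwise the request's origin (scheme, host and port, nothing else) must equal one of the configured entries exactly. Exact origin comparison is an assumption of this example; the names `origin_of`, `is_origin_allowed` and `classify` are hypothetical, and the sample URLs are constructed.

```python
from urllib.parse import urlsplit


def origin_of(url: str) -> str:
    """Reduce a URL to its origin: scheme://host[:port] with the host lowercased,
    the default port omitted, and path/query/fragment discarded."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise ValueError(f"not an http(s) URL: {url!r}")
    host = parts.hostname  # urlsplit lowercases it and strips IPv6 brackets
    if ":" in host:  # IPv6 literal: restore the bracket form used in URLs
        host = f"[{host}]"
    default_port = 443 if parts.scheme == "https" else 80
    port = parts.port  # None when absent; ValueError if malformed
    if port is None or port == default_port:
        return f"{parts.scheme}://{host}"
    return f"{parts.scheme}://{host}:{port}"


def is_origin_allowed(url: str, allowed_origins: list) -> bool:
    """Apply the allowed_origins rule (assumed exact-origin comparison):
    an empty list allows every origin; otherwise the request origin must equal
    one listed origin. Exact comparison rejects look-alike hosts such as
    example.com.evil.net, scheme downgrades and non-default ports."""
    if not allowed_origins:
        return True
    allowed = {origin_of(o) for o in allowed_origins}
    return origin_of(url) in allowed


# Constructed sample mirroring the config snippet above.
ALLOWED = ["https://example.com", "https://staging.example.com"]


def classify(urls, allowed_origins=ALLOWED):
    """Return {url: 'render' | 'reject'} for a batch of candidate render targets."""
    return {u: ("render" if is_origin_allowed(u, allowed_origins) else "reject")
            for u in urls}


if __name__ == "__main__":
    for url, verdict in classify([
        "https://example.com/page?q=1",
        "https://EXAMPLE.com:443/page",
        "http://example.com/page",
        "https://example.com.evil.net/page",
        "https://staging.example.com:8443/",
    ]).items():
        print(f"{verdict:7} {url}")
```

The design point is that the comparison is on the normalised origin, never a substring or prefix of the URL string; case and the explicit default port are normalised away, while scheme and a non-default port remain significant.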

block_private_cidrs

Enabled by default. This prevents SSRF (Server-Side Request Forgery) attacks by blocking the headless browser from making requests to private/internal IP ranges:

  • 10.0.0.0/8
  • 172.16.0.0/12
  • 192.168.0.0/16
  • 127.0.0.0/8 (loopback)
  • 169.254.0.0/16 (link-local)
  • ::1, fc00::/7 (IPv6 private)

PRISM implements this protection at the CDP (Chrome DevTools Protocol) Fetch interception layer, which means it catches requests even after DNS resolution. This also defends against DNS rebinding attacks, where a hostname initially resolves to a public IP but later resolves to an internal IP.
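To make the post-resolution check concrete, here is an added example (not PRISM's code) that applies the listed ranges to the IP address the browser has already resolved, which is why a hostname that rebinds from a public to an internal address is still refused. The decision point models the interception described above; the function names `is_blocked_ip`, `check_request` and `simulate_resolutions` are hypothetical, the hostnames and addresses are constructed, and the example goes slightly beyond the page by also unwrapping IPv4-mapped IPv6 addresses (`::ffff:a.b.c.d`) so they are judged by the IPv4 ranges.

```python
import ipaddress

# The ranges the page lists for block_private_cidrs.
BLOCKED_NETWORKS = [ipaddress.ip_network(cidr) for cidr in (
    "10.0.0.0/8",
    "172.16.0.0/12",
    "192.168.0.0/16",
    "127.0.0.0/8",      # loopback
    "169.254.0.0/16",   # link-local
    "::1/128",          # IPv6 loopback
    "fc00::/7",         # IPv6 unique-local
)]


def is_blocked_ip(ip_text: str) -> bool:
    """True if the (already resolved) address lies in a blocked range."""
    addr = ipaddress.ip_address(ip_text)
    # Addition beyond the page's list: unwrap IPv4-mapped IPv6 so ::ffff:10.0.0.1
    # is judged as 10.0.0.1 rather than slipping past the IPv4 ranges.
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return any(addr in net for net in BLOCKED_NETWORKS)


def check_request(hostname: str, resolved_ip: str, block_private_cidrs: bool = True) -> str:
    """Decision at the post-DNS interception point. Only resolved_ip matters:
    the hostname is kept for logging, not for the verdict."""
    if block_private_cidrs and is_blocked_ip(resolved_ip):
        return "block"
    return "allow"


def simulate_resolutions(hostname: str, resolutions, block_private_cidrs: bool = True):
    """Feed a sequence of successive DNS answers for one hostname through the check
    and return the verdict for each, so a public-then-private rebind is visible."""
    return [check_request(hostname, ip, block_private_cidrs) for ip in resolutions]


if __name__ == "__main__":
    # Constructed rebinding scenario: the same name answers public first, then internal.
    for ip, verdict in zip(["203.0.113.10", "10.0.0.5"],
                           simulate_resolutions("app.example.com", ["203.0.113.10", "10.0.0.5"])):
        print(f"app.example.com -> {ip:14} {verdict}")
```

Because the verdict depends only on the address the browser is about to connect to, a check done once on the URL string or on a first DNS lookup cannot be bypassed by a later answer: every connection is judged on its own resolved address.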

rate_limit_per_domain

Limits how many render requests per second PRISM processes for each target domain. This protects both PRISM and the origin from overload. The default of 10 requests/second per domain is suitable for most deployments.

rate_limit_per_ip

Limits render requests per second from each client IP address. Disabled by default (0). Enable this to protect against individual clients overwhelming the render pipeline.
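As an added example covering both rate_limit_per_domain and rate_limit_per_ip (not PRISM's implementation, whose algorithm the page does not describe), the following sliding one-second window limiter keys once on the render target's domain and once on the client IP, and treats a limit of 0 as disabled. The class names `PerKeyRateLimiter` and `RenderGate`, the ordering of the two checks, and the timestamps and addresses in the demonstration are assumptions of this example.

```python
import time
from collections import defaultdict, deque
from typing import Optional


class PerKeyRateLimiter:
    """Sliding-window limiter: at most `limit` admissions per `window` seconds for
    each key (a target domain or a client IP). A limit of 0 disables the limiter,
    matching the page's "0 = disabled" semantics."""

    def __init__(self, limit: int, window: float = 1.0):
        self.limit = limit
        self.window = window
        self._hits = defaultdict(deque)  # key -> timestamps of recent admissions

    def allow(self, key: str, now: Optional[float] = None) -> bool:
        if self.limit <= 0:
            return True
        now = time.monotonic() if now is None else now
        hits = self._hits[key]
        while hits and now - hits[0] >= self.window:  # expire entries outside the window
            hits.popleft()
        if len(hits) >= self.limit:
            return False
        hits.append(now)
        return True


class RenderGate:
    """Applies the two limits from the [security] section: the per-domain limit
    keyed on the render target, the per-IP limit keyed on the requesting client."""

    def __init__(self, rate_limit_per_domain: int, rate_limit_per_ip: int):
        self.by_domain = PerKeyRateLimiter(rate_limit_per_domain)
        self.by_ip = PerKeyRateLimiter(rate_limit_per_ip)

    def admit(self, target_domain: str, client_ip: str, now: Optional[float] = None) -> str:
        # Client limit first (an assumed ordering): a single noisy client is refused
        # before it can consume the per-domain budget shared by everyone.
        if not self.by_ip.allow(client_ip, now):
            return "rejected: client rate limit"
        if not self.by_domain.allow(target_domain, now):
            return "rejected: domain rate limit"
        return "admitted"


if __name__ == "__main__":
    # Constructed burst: three clients hit one domain within 200 ms with a domain
    # limit of 2/s and the per-IP limit disabled; the third is refused, and a
    # request one second after the first is admitted again once the window slides.
    gate = RenderGate(rate_limit_per_domain=2, rate_limit_per_ip=0)
    for t, ip in [(100.0, "203.0.113.1"), (100.1, "203.0.113.2"),
                  (100.2, "203.0.113.3"), (101.0, "203.0.113.3")]:
        print(f"t={t:6.1f} {ip:12} example.com -> {gate.admit('example.com', ip, now=t)}")
```

Passing an explicit `now` makes the behaviour deterministic for tests; in service code the default `time.monotonic()` is used so wall-clock adjustments cannot widen or shrink the window.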

Example Use Cases

Production lockdown

[security]
allowed_origins = ["https://www.mysite.com"]
block_private_cidrs = true
rate_limit_per_domain = 20
rate_limit_per_ip = 5

Multi-tenant setup

[security]
allowed_origins = [
"https://tenant-a.example.com",
"https://tenant-b.example.com",
"https://tenant-c.example.com",
]
block_private_cidrs = true
rate_limit_per_domain = 5
rate_limit_per_ip = 2

Development (relaxed)

[security]
allowed_origins = []
block_private_cidrs = false
rate_limit_per_domain = 100
rate_limit_per_ip = 0