Interface SsrfPolicy

SSRF policy the runner enforces when fetching a preview_url. The default export DEFAULT_SSRF_POLICY mirrors the contract's explicit deny lists.

interface SsrfPolicy {
    schemes_allowed: readonly string[];
    schemes_denied: readonly string[];
    hosts_denied_ipv4_cidrs: readonly string[];
    hosts_denied_ipv6_cidrs: readonly string[];
    hosts_denied_metadata: readonly string[];
    host_literal_policy: "reject" | "allow";
}

Index

Properties

schemes_allowed schemes_denied hosts_denied_ipv4_cidrs hosts_denied_ipv6_cidrs hosts_denied_metadata host_literal_policy

Properties

schemes_allowed

schemes_allowed: readonly string[]

schemes_denied

schemes_denied: readonly string[]

hosts_denied_ipv4_cidrs

hosts_denied_ipv4_cidrs: readonly string[]

hosts_denied_ipv6_cidrs

hosts_denied_ipv6_cidrs: readonly string[]

hosts_denied_metadata

hosts_denied_metadata: readonly string[]

host_literal_policy

host_literal_policy: "reject" | "allow"

reject: bare IP literal (v4 or v6) in the URL is rejected regardless of range. Forces resolution through a public DNS name (AdCP Verified behavior).
allow: IP literal is permitted subject only to the CIDR deny lists. Local-dev default.