# SSRFPolicy

> **Class** in `langchain_core`

📖 [View in docs](https://reference.langchain.com/python/langchain-core/_security/_policy/SSRFPolicy)

Immutable policy controlling which URLs/IPs are considered safe.

## Signature

```python
SSRFPolicy(
    self,
    allowed_schemes: frozenset[str] = frozenset({'http', 'https'}),
    block_private_ips: bool = True,
    block_localhost: bool = True,
    block_cloud_metadata: bool = True,
    block_k8s_internal: bool = True,
    allowed_hosts: frozenset[str] = frozenset(),
    additional_blocked_cidrs: tuple[ipaddress.IPv4Network | ipaddress.IPv6Network, ...] = (),
)
```

## Constructors

```python
__init__(
    self,
    allowed_schemes: frozenset[str] = frozenset({'http', 'https'}),
    block_private_ips: bool = True,
    block_localhost: bool = True,
    block_cloud_metadata: bool = True,
    block_k8s_internal: bool = True,
    allowed_hosts: frozenset[str] = frozenset(),
    additional_blocked_cidrs: tuple[ipaddress.IPv4Network | ipaddress.IPv6Network, ...] = (),
) -> None
```

| Name | Type |
|------|------|
| `allowed_schemes` | `frozenset[str]` |
| `block_private_ips` | `bool` |
| `block_localhost` | `bool` |
| `block_cloud_metadata` | `bool` |
| `block_k8s_internal` | `bool` |
| `allowed_hosts` | `frozenset[str]` |
| `additional_blocked_cidrs` | `tuple[ipaddress.IPv4Network \| ipaddress.IPv6Network, ...]` |


## Properties

- `allowed_schemes`
- `block_private_ips`
- `block_localhost`
- `block_cloud_metadata`
- `block_k8s_internal`
- `allowed_hosts`
- `additional_blocked_cidrs`

---

[View source on GitHub](https://github.com/langchain-ai/langchain/blob/625ed0ee8c683dd8a7d87564a14bdbd4472d2a44/libs/core/langchain_core/_security/_policy.py#L102)