Status: accepted · ADR-22 · Filed 2026-04-19

Decision

Supersedes ADR-20. Same security decision, one naming correction: PRISM_MODE values are local, lan, cloud. All else stands: CORSMiddleware is always mounted in backend/app/main.py with allowed_origins sourced from PRISM_ALLOWED_ORIGINS via the SPEC-019 v1.1 resolver; empty allowlist enforces default-deny (spec-compliant); cloud mode refuses to start if any origin uses plain http://. Local mode’s MODE_PROFILES default is http://127.0.0.1:*.
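A sketch of the startup check this decision describes, added here as an illustration and not taken from the PRISM code base or from SPEC-019. It assumes a Starlette-style CORSMiddleware, a comma-separated PRISM_ALLOWED_ORIGINS, empty default profiles for lan and cloud, and that `:*` means any explicit port; `resolve_cors` is a hypothetical name.

```python
import re
from urllib.parse import urlsplit

# Only the local default is stated in the ADR; empty lan/cloud defaults are assumed.
MODE_PROFILES = {"local": ["http://127.0.0.1:*"], "lan": [], "cloud": []}


def resolve_cors(mode, raw_origins):
    """Return allow_origins / allow_origin_regex kwargs for CORSMiddleware.

    Hypothetical helper: raw_origins is the PRISM_ALLOWED_ORIGINS value,
    assumed comma-separated; unset or blank falls back to the mode profile.
    """
    if mode not in MODE_PROFILES:
        raise ValueError(f"unknown PRISM_MODE: {mode!r}")
    origins = [o.strip() for o in (raw_origins or "").split(",") if o.strip()]
    if not origins:
        origins = list(MODE_PROFILES[mode])

    exact, patterns = [], []
    for origin in origins:
        scheme = urlsplit(origin).scheme  # urlsplit lowercases the scheme
        if scheme not in ("http", "https"):
            raise ValueError(f"origin must be http(s): {origin!r}")
        if mode == "cloud" and scheme == "http":
            # Fail closed at startup rather than serve with a cleartext origin.
            raise RuntimeError(f"cloud mode refuses plain-http origin: {origin!r}")
        if origin.endswith(":*"):
            # allow_origins is compared as exact strings, so a port wildcard
            # has to become a regex. Starlette applies it with fullmatch().
            patterns.append(re.escape(origin[:-2]) + r":\d{1,5}")
        else:
            exact.append(origin)

    regex = "|".join(f"(?:{p})" for p in patterns) or None
    # Both empty means no Origin is ever echoed back: default-deny.
    return {"allow_origins": exact, "allow_origin_regex": regex}
```

The returned dict can be passed straight to the middleware, for example `app.add_middleware(CORSMiddleware, **resolve_cors(mode, os.environ.get("PRISM_ALLOWED_ORIGINS")))`, so a bad cloud configuration raises before the app accepts requests.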

Rationale

Companion to ADR-21’s rename. CORS decision unchanged; only the MODE_PROFILES key name updates from personal to local. Per PRISM.md §A3 ADR immutability, supersede rather than edit. Filing alongside ADR-21 keeps the ADR chain coherent: ADR-19 -> ADR-21 and ADR-20 -> ADR-22 share the same rename driver.

Alternatives Considered

(a) Edit ADR-20 in place: violates PRISM.md §A3. (b) File a single combined rename ADR: muddies traceability — ADR-19 and ADR-20 had distinct decision scopes (env resolver vs CORS policy); their supersessions should be distinct too.
Last modified on April 20, 2026