Users were generally confused about where to configure things like
allowed URLs. Because they were reset in between each sessions, they
needed to be applied repeatedly in a before block.
This introduces an API for global configuration, which will be applied
for every session. It also deprecates the per-session configuration
methods, as those are less likely to be useful.
