tdpeuter/open-webui
tdpeuter/open-webui
1
Fork 0
forked from open-webui/open-webui
Code Issues Pull requests 1 Releases 2 Packages Activity Actions

fix: manually check the docs' filename

Browse source
This commit is contained in:
Mmx233 2024-04-03 23:19:18 +08:00
parent 5558514ff1
commit 947c392f72
No known key found for this signature in database
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
backend/apps/rag/main.py
View file

@ -8,7 +8,7 @@ from fastapi import (
Form, Form,
) )
from fastapi.middleware.cors import CORSMiddleware from fastapi.middleware.cors import CORSMiddleware
import os, shutil, logging import os, shutil, logging, re
from pathlib import Path from pathlib import Path
from typing import List from typing import List
@ -450,7 +450,7 @@ def store_doc(
try: try:
is_valid_filename = True is_valid_filename = True
unsanitized_filename = file.filename unsanitized_filename = file.filename
if not unsanitized_filename.isascii(): if re.search(r'[\\/:"\*\?<>|\n\t ]', unsanitized_filename) is not None:
is_valid_filename = False is_valid_filename = False
unvalidated_file_path = f"{UPLOAD_DIR}/{unsanitized_filename}" unvalidated_file_path = f"{UPLOAD_DIR}/{unsanitized_filename}"