tdpeuter/open-webui
tdpeuter/open-webui
1
Fork 0
forked from open-webui/open-webui
Code Issues Pull requests 1 Releases 2 Packages Activity Actions

Merge pull request #1408 from Mmx233/main

Browse source 
fix: manually check the docs' filename
This commit is contained in:
Timothy Jaeryang Baek 2024-04-03 10:19:10 -07:00 committed by GitHub
commit d94bc21ac8
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
backend/apps/rag/main.py
View file

@ -8,7 +8,7 @@ from fastapi import (
Form, Form,
) )
from fastapi.middleware.cors import CORSMiddleware from fastapi.middleware.cors import CORSMiddleware
import os, shutil, logging import os, shutil, logging, re
from pathlib import Path from pathlib import Path
from typing import List from typing import List
@ -450,7 +450,7 @@ def store_doc(
try: try:
is_valid_filename = True is_valid_filename = True
unsanitized_filename = file.filename unsanitized_filename = file.filename
if not unsanitized_filename.isascii(): if re.search(r'[\\/:"\*\?<>|\n\t ]', unsanitized_filename) is not None:
is_valid_filename = False is_valid_filename = False
unvalidated_file_path = f"{UPLOAD_DIR}/{unsanitized_filename}" unvalidated_file_path = f"{UPLOAD_DIR}/{unsanitized_filename}"