goecho
74f91bc74d
Fix bug: Header attributes (Host, Authorization, Origin, Referer) not sanitized
...
- Resolved an issue where header attributes Host, Authorization, Origin, and Referer were not being sanitized, resulting in two major issues:
1. Ollama requests inadvertently exposed user information, leading to data leakage.
2. When Ollama is deployed on different servers, and the intermediary proxy layer uses the host header to locate downstream services, it fails to find them.
Root Cause:
- In FastAPI, when accessing request.headers, all header names are converted to lowercase. This is because FastAPI, and its underlying framework Starlette, adhere to the HTTP/2 standard, which mandates lowercase header field names for performance and consistency.
- In HTTP/2, enforcing lowercase header field names reduces complexity in header processing as case sensitivity is no longer a concern. Thus, regardless of the case used in client-sent header fields, the server processes them uniformly in lowercase.
- This practice is adopted in FastAPI and other modern HTTP frameworks, even in an HTTP/1.1 context, to maintain consistency with HTTP/2 and improve overall performance. As a result, header field names are always presented in lowercase in FastAPI, even if the original request used capitalization or mixed case.
2024-01-11 14:36:34 +08:00
Timothy J. Baek
ffba59dc3a
Update requirements.txt
2024-01-09 21:09:28 -08:00
Timothy J. Baek
c1ec604f21
feat: rag md support
2024-01-09 15:24:53 -08:00
Timothy J. Baek
76d37393ee
feat: gguf upload
2024-01-09 13:25:42 -08:00
Timothy J. Baek
1ff3eb8038
feat: doc upload error handling
2024-01-08 01:54:03 -08:00
Timothy J. Baek
eddb6fc7b7
feat: documents backend integration
2024-01-08 01:49:20 -08:00
Timothy J. Baek
54c4e0761a
feat: documents file upload
2024-01-08 01:26:15 -08:00
Timothy J. Baek
cc3f84f916
feat: # to import doc
2024-01-07 23:43:32 -08:00
Timothy J. Baek
2603ac30bc
feat: documents
2024-01-07 22:14:08 -08:00
Timothy J. Baek
02f364bfd9
fix: dockerfile
2024-01-07 21:22:37 -08:00
Timothy J. Baek
706a8d4f8d
fix
2024-01-07 21:14:20 -08:00
Timothy J. Baek
162641ee43
Update requirements.txt
2024-01-07 19:54:52 -08:00
Timothy J. Baek
57c050326c
feat: docx support
2024-01-07 13:56:01 -08:00
Timothy J. Baek
9a63376e55
feat: file upload error handling
2024-01-07 09:33:34 -08:00
Timothy J. Baek
b37b157638
feat: reset vectordb storage support
2024-01-07 09:15:45 -08:00
Timothy J. Baek
d4b2578f6e
feat: rag csv support
2024-01-07 09:05:52 -08:00
Timothy J. Baek
d6a1bf1406
refac: file upload
2024-01-07 09:00:30 -08:00
Timothy J. Baek
ffd0a5a2a0
Update main.py
2024-01-07 08:34:05 -08:00
Timothy J. Baek
c68bb3b950
docker: slim
2024-01-07 08:28:35 -08:00
Timothy Jaeryang Baek
34e0f64fb3
Merge pull request #333 from ollama-webui/rag
...
feat: RAG support
2024-01-07 02:50:32 -08:00
Timothy J. Baek
464d0fb016
fix: update langchain.document_loaders
2024-01-07 02:49:13 -08:00
Timothy J. Baek
04db2475f9
fix: disable swagger doc in prod
2024-01-07 02:48:21 -08:00
Timothy J. Baek
70d2571be1
feat: rag backend auth
2024-01-07 02:46:12 -08:00
Timothy J. Baek
c43df8850f
fix: requirements
2024-01-07 02:45:56 -08:00
Timothy J. Baek
142269374f
feat: vectordb query error handling
2024-01-07 01:59:00 -08:00
Timothy J. Baek
ad3d69be30
refac
2024-01-07 01:54:58 -08:00
Timothy J. Baek
9634e2da3e
feat: full integration
2024-01-07 01:40:36 -08:00
Timothy J. Baek
fef4725d56
feat: frontend file upload support
2024-01-07 00:57:10 -08:00
Timothy J. Baek
cd86c36953
feat: pdf data load
2024-01-06 23:40:51 -08:00
Timothy J. Baek
784b369cc9
feat: chromadb vector store api
2024-01-06 22:59:22 -08:00
Timothy J. Baek
b2c9f6dff8
feat: rag api endpoint
2024-01-06 22:07:20 -08:00
Timothy J. Baek
82114c45ee
fix: allow command named create
2024-01-06 17:55:41 -08:00
Timothy Jaeryang Baek
7071716f54
Merge pull request #408 from ollama-webui/main
...
rag
2024-01-06 17:33:52 -08:00
Timothy J. Baek
73b88a8c17
fix: update user email issue
2024-01-06 02:51:57 -08:00
Timothy J. Baek
e441875af7
fix: update role
2024-01-05 21:02:49 -08:00
Timothy J. Baek
fb0c64379d
feat: edit user support
2024-01-05 20:59:56 -08:00
Timothy J. Baek
bb2971260d
fix: backend proxy
2024-01-05 17:16:35 -08:00
Timothy J. Baek
78477baa0e
feat: proxy logging
2024-01-05 15:51:33 -08:00
Timothy J. Baek
5e6d946f83
chore: disable passlib log
2024-01-05 12:22:27 -08:00
Timothy J. Baek
a37b9c126f
refac
2024-01-05 01:29:04 -08:00
Timothy J. Baek
47dc3b5fb2
feat: async reverse proxy
2024-01-05 01:25:34 -08:00
ThatOneCalculator
699fbefb8a
chore: 🎨 format
2024-01-04 20:05:19 -08:00
Timothy Jaeryang Baek
1a93191259
Merge branch 'main' into bun
2024-01-04 22:57:11 -05:00
Timothy J. Baek
a96795d752
chore: version
2024-01-04 19:02:57 -08:00
Timothy J. Baek
c0b099da4f
feat: openai frontend refac
2024-01-04 18:54:00 -08:00
Timothy J. Baek
17c66fde0f
feat: openai compatible api support
2024-01-04 18:38:03 -08:00
Timothy J. Baek
5e4dc98f44
feat: openai backend support
2024-01-04 16:49:34 -08:00
ThatOneCalculator
05fade1426
chore: 🎨 format backend
2024-01-04 13:30:47 -08:00
ThatOneCalculator
8480a9b418
Merge branch 'main' into bun
2024-01-04 13:30:30 -08:00
Timothy J. Baek
30aff2db53
feat: enable backend ollama url update
2024-01-04 13:06:31 -08:00
Timothy Jaeryang Baek
fa598b59e2
Merge branch 'main' into rag
2024-01-04 01:02:42 -05:00
Kainoa Kanter
947013c74d
Merge branch 'main' into bun
2024-01-03 17:13:57 -08:00
ThatOneCalculator
6e78b3a8f6
fix: 🔨 start script permissions & environment
2024-01-03 15:56:11 -08:00
ThatOneCalculator
07cc7f15d5
chore: 🚨 lint and format
2024-01-03 14:33:57 -08:00
Timothy J. Baek
7fc1d7c2c7
feat: prompt crud
2024-01-02 21:35:47 -08:00
Timothy J. Baek
69ff596045
feat: prompts backend frontend integration
2024-01-02 21:00:50 -08:00
Timothy J. Baek
247414743b
feat: prompts backend support
2024-01-02 20:51:19 -08:00
Timothy J. Baek
22c210e8f6
feat: custom prompt support
2024-01-02 20:41:37 -08:00
Timothy J. Baek
09e1458d59
fix: default models value should be None
2024-01-02 16:48:49 -08:00
Timothy J. Baek
7bc0c09b25
fix: openai issue
2024-01-02 16:48:10 -08:00
Timothy J. Baek
d8754b4486
feat/fix: email format validation
2024-01-02 16:22:48 -08:00
Timothy Jaeryang Baek
438942d64e
Merge branch 'main' into rag
2024-01-01 16:08:12 -05:00
Timothy J. Baek
bb5bf3964e
feat: toggle signup enable from admin panel
2024-01-01 12:32:28 -08:00
Timothy Jaeryang Baek
ee1559378d
Merge branch 'main' into rag
2024-01-01 14:23:44 -05:00
Anuraag Jain
77323d9b25
refac: remove the verify_token and use get-current user for auth+user
2024-01-01 10:55:50 +02:00
Timothy J. Baek
d5aa9e8710
feat: requirements for RAG
2023-12-31 23:35:17 -08:00
Anuraag Jain
60c801ee22
remove unused import in main
2023-12-30 13:08:03 +02:00
Anuraag Jain
2532cb1e70
Merge branch 'main' of github.com:ollama-webui/ollama-webui into refac/auth-middleware
2023-12-30 13:03:18 +02:00
Anuraag Jain
08c0d7a9ec
fix: merge conflicts
2023-12-30 13:00:21 +02:00
Anuraag Jain
613053e46c
Merge branch 'refac/auth-middleware' of https://github.com/anuraagdjain/ollama-webui into refac/auth-middleware
2023-12-30 12:53:35 +02:00
Anuraag Jain
bdd153d8f5
refac: use dependencies to verify token
...
- feat: added new util to get the current user when needed. Middleware was adding authentication logic to all the routes. let's revisit if we can move the non-auth endpoints to a separate route.
- refac: update the routes to use new helpers for verification and retrieving user
- chore: added black for local formatting of py code
2023-12-30 12:53:33 +02:00
Timothy J. Baek
d5dc36b2a9
feat: delete all user chats
2023-12-30 00:15:37 -08:00
Timothy Jaeryang Baek
39b8e4430e
Merge branch 'main' into refac/auth-middleware
2023-12-29 12:45:46 -05:00
Timothy J. Baek
d5bc54b8f8
fix: update password
2023-12-29 00:31:23 -08:00
Timothy J. Baek
500f61b7ee
chore: update password refac
2023-12-29 00:29:18 -08:00
Timothy J. Baek
d8bb19fd8a
feat: change password frontend added
2023-12-29 00:26:47 -08:00
Timothy J. Baek
9bd48ffd93
feat: change password support
2023-12-29 00:12:30 -08:00
Timothy J. Baek
5b4bf45ad2
fix: delete auth with user
2023-12-28 23:24:51 -08:00
Timothy J. Baek
48cc2c5053
chore: delete user backend refac
2023-12-28 23:17:58 -08:00
Timothy J. Baek
ad1cb5fc25
fix: disable admin self user delete
2023-12-28 23:07:46 -08:00
Timothy J. Baek
b61bb77950
feat: delete user backend support
2023-12-28 23:02:49 -08:00
Anuraag Jain
a01b112f7f
feat(auth): add auth middleware
...
- refactored chat routes to use request.user instead of doing authentication in every route
2023-12-28 22:15:54 +02:00
Timothy J. Baek
f70fadd70c
fix: https connection issue
2023-12-28 09:52:30 -08:00
Timothy J. Baek
c31ff1f679
fix: save email as lowercase
2023-12-27 19:10:56 -08:00
Timothy J. Baek
7c553f1287
feat: improved error message for signup
2023-12-27 12:06:22 -08:00
Timothy J. Baek
1d458db316
fix: print removed
2023-12-27 11:14:46 -08:00
Timothy J. Baek
7bdef56192
fix: docker container volume mount location
2023-12-27 00:11:23 -08:00
Timothy J. Baek
21c7f50790
feat: modelfiles migration support
2023-12-26 23:58:40 -08:00
Timothy J. Baek
032d7c7440
feat: modelfile backend & ollama version 0.0.0 whitelisted
2023-12-26 22:51:52 -08:00
Timothy J. Baek
4221594778
feat: chat export
2023-12-26 22:10:22 -08:00
Timothy J. Baek
a2b1e3756b
feat: modelfiles backend
2023-12-26 22:02:17 -08:00
Timothy J. Baek
d78df83453
feat: delete idb after migration
2023-12-26 18:44:08 -08:00
Timothy J. Baek
a696698ac8
feat: chat import to backend added
2023-12-26 16:35:01 -08:00
Timothy J. Baek
8f2b691ee0
fix: headers issue
2023-12-26 13:43:32 -08:00
Timothy J. Baek
0ae57b5ae1
fix: cors & #281
2023-12-26 13:40:03 -08:00
Timothy J. Baek
0c30a08596
fix: non existent chat page issue
2023-12-26 13:21:47 -08:00
Timothy J. Baek
1303407f53
feat: update chat
2023-12-26 10:41:55 -08:00
Timothy J. Baek
1274bd986b
chore: dockerignore added
2023-12-26 02:22:06 -08:00
Timothy J. Baek
2cb0bf4439
fix: chat return type to dict
2023-12-26 01:27:43 -08:00
Timothy J. Baek
6350d86bde
fix: chat model schema
2023-12-25 23:43:21 -08:00