fix some features #8556
Open
fix some features #8556
+82
−0
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
@hiyouga Is there anything that needs to be changed? |
BoomchainLabs
approved these changes
Jul 11, 2025
d3do-23
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
This PR addresses two critical security vulnerabilities found in the media content processing logic within the
_process_requestfunction:Local File Inclusion (LFI): The code did not properly sanitize user-provided file paths when handling
image_url,video_url, andaudio_url. An attacker could use path traversal payloads (e.g.,../../etc/passwd) to read arbitrary files from the server's filesystem.Server-Side Request Forgery (SSRF): The code directly fetched any user-provided URL using
requests.get. An attacker could abuse this to make the server send requests to internal network services, cloud metadata endpoints (e.g.,169.254.169.254), or other sensitive resources.Implementation Details
To fix these issues, this PR introduces a non-invasive, targeted approach by adding two new security check functions:
_check_lfi_path(path): This function is called right beforeopen(). It validates that the resolved absolute path of a local file is within a pre-configured safe directory (SAFE_MEDIA_PATH), effectively preventing any directory traversal._check_ssrf_url(url): This function is called right beforerequests.get(). It provides two layers of defense against Server-Side Request Forgery:ALLOWED_URL_PREFIXES). If this whitelist is active, the URL must start with one of the approved prefixes to proceed.is_global). This crucial check is always performed, even for whitelisted URLs, to protect against attacks like DNS rebinding. This prevents the server from making requests to private, loopback, or reserved IP ranges.These checks are inserted into the existing logic without significant refactoring, preserving the original code structure.
Configuration
The fix also introduces two environment variables for better control and flexibility:
SAFE_MEDIA_PATH: Defines the secure directory from which local files can be served.ALLOW_LOCAL_FILES: Acts as a feature flag to enable or disable the local file loading functionality entirely.This ensures the application is secure by default while allowing administrators to configure it as needed.