Commit Graph

216 Commits

Author SHA1 Message Date
Timothy Jaeryang Baek
6fce92aa12 chore: format 2026-06-01 13:56:55 -07:00
Timothy Jaeryang Baek
4297c02b12 refac 2026-06-01 12:44:16 -07:00
Timothy Jaeryang Baek
c93f071700 refac 2026-06-01 11:58:16 -07:00
Classic298
83890f18b9 feat: cap profile image data URI size to bound model/avatar bloat (#25476)
* feat: cap profile image data URI size to bound model/avatar bloat

validate_profile_image_url() validated data-URI format (MIME allowlist,
SVG rejection, scheme checks) but never its length, so a valid
data:image/...;base64,<huge> passed for both custom-model icons and user
avatars. Large inline images bloat Postgres and the Redis MODELS hash and
degrade model-list latency.

Add PROFILE_IMAGE_MAX_DATA_URI_SIZE (default 256 KiB, 0 disables) and
reject oversized data URIs in the shared validator, so both model meta
(ModelMeta.profile_image_url) and user avatars (UpdateProfileForm) are
bounded at one chokepoint. ModelMeta already clears invalid values to
None on read, so existing oversized icons stop propagating into the
MODELS hash on the next refresh.

Fixes #25468

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

* fix: default PROFILE_IMAGE_MAX_DATA_URI_SIZE to None (no cap)

Per review: opt-in rather than a 256 KiB default. Unset leaves data URIs
uncapped; the validator already skips the check on a falsy value.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-01 09:57:06 -07:00
Timothy Jaeryang Baek
ee47c9c833 refac 2026-05-31 18:34:37 -07:00
Classic298
f2650353da fix: remove hardcoded WEBUI_SECRET_KEY fallback, require key explicitly (#25218)
The 't0p-s3cr3t' default was dead code on every supported startup path:
start.sh, start_windows.bat and `open-webui serve` all set or
auto-generate WEBUI_SECRET_KEY before the backend imports env.py. It was
only ever reachable by invoking uvicorn directly, which is unsupported
and unsafe (the app would then sign tokens/cookies with a public,
hardcoded key). It also keeps getting reported as a vulnerability because
it looks dangerous, even though it is unreachable in practice.

Drop the fallback (default to '') so an unset key is caught by the
existing WEBUI_AUTH guard, and replace the vague error with a clear,
actionable message explaining that the key is a hard requirement and how
the supported start methods provide it. Exit cleanly via SystemExit
instead of raising a ValueError traceback.

WEBUI_AUTH=False keeps working unchanged (key defaults to '').

Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-31 14:53:25 -07:00
Timothy Jaeryang Baek
2b99945d27 refac
Co-Authored-By: Classic298 <27028174+Classic298@users.noreply.github.com>
2026-05-20 00:22:27 +04:00
Timothy Jaeryang Baek
f607337582 refac 2026-05-14 02:56:44 +09:00
Timothy Jaeryang Baek
5b125c24d4 feat: kb_exec 2026-05-13 15:41:30 +09:00
Timothy Jaeryang Baek
6d0295588e refac: modernize type annotations (PEP 604 / PEP 585) 2026-05-12 17:10:15 +09:00
Timothy Jaeryang Baek
998c86a52b style: standardize os.environ.get to os.getenv 2026-05-12 06:12:16 +09:00
Timothy Jaeryang Baek
83736e8dbd style: ruff format 2026-05-12 06:12:06 +09:00
Timothy Jaeryang Baek
4cee7c29a5 refac 2026-05-12 06:01:12 +09:00
Timothy Jaeryang Baek
15e696691c refac 2026-05-11 02:25:11 +09:00
Timothy Jaeryang Baek
df42d96c95 refac 2026-05-09 21:05:49 +09:00
Timothy Jaeryang Baek
7bcc0e2e5c chore: format 2026-05-09 15:25:27 +09:00
Classic298
cfd2888545 fix:image url validation and signout post (#24420)
* refac(routers): reject external URLs in profile/model image handlers

* refac(ui): centralize image URL validation in safeImageUrl helper

* refac(auths): make signout POST-only

* refac: gate external profile image redirect behind ENABLE_PROFILE_IMAGE_URL_FORWARDING

Restore the 302 redirect for external http(s) profile image URLs in
the user and model profile-image endpoints, but gate it behind a new
ENABLE_PROFILE_IMAGE_URL_FORWARDING env flag (default: True).

Existing deployments that rely on external profile image forwarding
continue to work unchanged.  Operators who want to suppress the
redirect (to prevent client-side IP/UA/Referer leaks) can set the
flag to False.
2026-05-09 07:33:31 +09:00
Shamil
ae0827cec0 style(env): satisfy ruff (datetime alias, line length, identity check) (#24118) 2026-05-09 05:30:09 +09:00
Timothy Jaeryang Baek
db05fdaf83 refac 2026-04-24 16:23:28 +09:00
Timothy Jaeryang Baek
5127354b3e refac 2026-04-20 09:21:30 +09:00
Timothy Jaeryang Baek
7cc7b367dc refac 2026-04-17 11:27:58 +09:00
Timothy Jaeryang Baek
2f9e326dba refac 2026-04-15 10:26:47 -07:00
Timothy Jaeryang Baek
715cf9797a refac 2026-04-13 16:25:44 -05:00
Timothy Jaeryang Baek
25898116ea chore: format 2026-04-12 18:12:59 -05:00
Timothy Jaeryang Baek
c47dd7b771 refac 2026-04-12 17:22:06 -05:00
Timothy Jaeryang Baek
5ee791d5d2 refac 2026-04-12 16:25:01 -05:00
Classic298
f6b85700ea fix: gate OpenAI catch-all proxy behind ENABLE_OPENAI_API_PASSTHROUGH toggle (#23640)
The catch-all /{path:path} proxy forwards any request to the upstream OpenAI-compatible API with the admin's API key and no access control. This is an intentional proxy but should be opt-in.

Adds ENABLE_OPENAI_API_PASSTHROUGH env var (defaults to False). When disabled, the catch-all returns 403. No other routers (Ollama, responses) have catch-all proxies.
2026-04-12 14:26:12 -05:00
Classic298
588b81eeda fix(redis): add opt-in health_check_interval for stale pooled connections (#23573)
Introduces REDIS_HEALTH_CHECK_INTERVAL and wires it through to every
Redis client created by get_redis_connection (plain, cluster and
sentinel paths, sync and async). When set, redis-py will PING any
connection idle longer than the interval on checkout, so dead sockets
are surfaced as reconnectable errors before a real command lands on
them.

Defaults to unset (empty string) so existing deployments see no
behavioural change. Operators who want the protection should set it
shorter than the Redis server `timeout` setting and any firewall/LB
idle timeout on the path to Redis.

Co-authored-by: Claude <noreply@anthropic.com>
2026-04-11 16:17:19 -06:00
Classic298
db7f122cb0 fix(redis): add opt-in TCP socket keepalive on all client connections (#23571)
Introduces REDIS_SOCKET_KEEPALIVE and wires socket_keepalive=True
through to every Redis client created by get_redis_connection
(plain, cluster and sentinel paths, sync and async). When enabled,
the kernel sends TCP keepalive probes on idle connections so
half-closed sockets (e.g. after a silent firewall/LB reset or a NIC
flap) are detected before the next command lands on them and the
request never sees a "Connection reset by peer" error.

Defaults to off so existing deployments see no behavioural change.
Operators who want the protection set REDIS_SOCKET_KEEPALIVE=true
in their environment.

Co-authored-by: Claude <noreply@anthropic.com>
2026-04-11 16:09:12 -06:00
Algorithm5838
f9ceb7fa89 perf: skip torch import on non-macOS (#23438) 2026-04-08 13:21:55 -07:00
Timothy Jaeryang Baek
0dd9f462ff feat: oauth backchannel logout 2026-04-02 08:46:34 -05:00
Timothy Jaeryang Baek
a3238aa79f refac 2026-03-23 20:42:48 -05:00
Timothy Jaeryang Baek
dfc2dc2c0b refac 2026-03-22 06:29:31 -05:00
Timothy Jaeryang Baek
464462b22e enh: WEBUI_AUTH_TRUSTED_ROLE_HEADER 2026-03-21 19:50:50 -05:00
Timothy Jaeryang Baek
de3317e26b refac 2026-03-17 17:58:01 -05:00
Timothy Jaeryang Baek
afa0609ece feat: support whitelist filtering in AuditLoggingMiddleware (#22515)
Add AUDIT_INCLUDED_PATHS env var for whitelist-based audit filtering.
When set, only matching paths are audited and AUDIT_EXCLUDED_PATHS is
ignored. Auth endpoints (signin/signout/signup) are always logged
regardless of filtering mode.
2026-03-11 15:41:42 -05:00
Lorenzo Maffioli
035b981e11 feat(otel): introduce an environment variable to control the export interval of otel metrics (#22529) 2026-03-11 15:27:06 -05:00
Timothy Jaeryang Baek
6d9996e599 refac 2026-03-06 20:12:37 -06:00
Timothy Jaeryang Baek
a6fb5a0460 refac 2026-03-04 17:09:02 -06:00
Classic298
4403c7b6c2 feat: Timeout for event_call events (#22222)
* Update main.py

* Update env.py

* Update main.py

* Update env.py
2026-03-04 16:39:53 -06:00
Timothy Jaeryang Baek
345f3e3559 refac 2026-02-25 15:15:59 -06:00
Timothy Jaeryang Baek
87d33f6e18 refac 2026-02-25 14:52:41 -06:00
Andrei Efanov
9e81e1dda1 feat: add LOG_FORMAT=json for structured JSON logging (#21747)
* feat: add LOG_FORMAT env var with JSON formatter for early logging

Introduce LOG_FORMAT environment variable (set to "json" to enable).
When active, logging.basicConfig() uses a JSONFormatter that outputs
single-line JSON objects with fields: ts, level, msg, caller, error,
stacktrace. This covers all log messages emitted during module imports
before Loguru's start_logger() takes over.

* feat: add JSON sink for Loguru when LOG_FORMAT=json

Add _json_sink() as a Loguru sink function that writes single-line JSON
to stdout. In start_logger(), conditionally use the JSON sink instead of
the plain-text stdout_format when LOG_FORMAT is set to "json".

* feat: suppress ASCII banner and fix alembic logging in JSON mode

- Wrap the ASCII art banner print in main.py with a LOG_FORMAT != "json"
  guard so JSON output stays machine-parseable.
- Skip alembic's fileConfig() call in migrations/env.py when
  LOG_FORMAT=json to prevent it from replacing the JSON log handlers
  installed during early startup.
2026-02-22 17:40:17 -06:00
Timothy Jaeryang Baek
631e30e22d refac 2026-02-21 15:35:34 -06:00
Timothy Jaeryang Baek
ae05586fda refac: oauth session management 2026-02-20 16:49:43 -06:00
Timothy Jaeryang Baek
8bfab327ec refac 2026-02-19 14:14:36 -06:00
Taylor Wilsdon
a30b106ea3 fix issues/21399 (#21400) 2026-02-13 17:42:34 -06:00
Timothy Jaeryang Baek
d1d1efe212 refac: scim 2026-02-13 14:27:11 -06:00
Timothy Jaeryang Baek
c653e4ec54 refac 2026-02-12 15:25:24 -06:00
Classic298
c6af296b60 add message id (#21214) 2026-02-12 15:04:27 -06:00