[PR #24601] [CLOSED] fix: remove duplicate allow_redirects in SafeWebBaseLoader._fetch #115048

Closed
opened 2026-05-18 15:58:58 -05:00 by GiteaMirror · 0 comments
Owner

📋 Pull Request Information

Original PR: https://github.com/open-webui/open-webui/pull/24601
Author: @EvanYao826
Created: 5/12/2026
Status: Closed

Base: devHead: fix/safe-web-loader-duplicate-allow-redirects


📝 Commits (10+)

📊 Changes

1 file changed (+0 additions, -1 deletions)

View changed files

📝 backend/open_webui/retrieval/web/utils.py (+0 -1)

📄 Description

Closes #24560

Description

  • Fix TypeError caused by duplicate allow_redirects keyword argument in SafeWebBaseLoader._fetch(), which broke all web search functionality when WEB_LOADER_ENGINE is safe_web.

Fixed

  • Removed the explicit allow_redirects=AIOHTTP_CLIENT_ALLOW_REDIRECTS from the session.get() call in _fetch(). The value is already present in self.requests_kwargs (set in __init__), so the explicit parameter causes aiohttp to reject the duplicate kwarg.

Root Cause

In __init__, allow_redirects is added to self.requests_kwargs:

self.requests_kwargs = {
    **(self.requests_kwargs or {}),
    'allow_redirects': AIOHTTP_CLIENT_ALLOW_REDIRECTS,
}

Then in _fetch, it's passed twice:

async with session.get(
    url,
    **(self.requests_kwargs | kwargs),  # already contains allow_redirects
    allow_redirects=AIOHTTP_CLIENT_ALLOW_REDIRECTS,  # duplicate!
) as response:

Additional Information


Contributor License Agreement


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/open-webui/open-webui/pull/24601 **Author:** [@EvanYao826](https://github.com/EvanYao826) **Created:** 5/12/2026 **Status:** ❌ Closed **Base:** `dev` ← **Head:** `fix/safe-web-loader-duplicate-allow-redirects` --- ### 📝 Commits (10+) - [`fe6783c`](https://github.com/open-webui/open-webui/commit/fe6783c16699911c7be17392596d579333fb110c) Merge pull request #19030 from open-webui/dev - [`fc05e0a`](https://github.com/open-webui/open-webui/commit/fc05e0a6c5d39da60b603b4d520f800d6e36f748) Merge pull request #19405 from open-webui/dev - [`e3faec6`](https://github.com/open-webui/open-webui/commit/e3faec62c58e3a83d89aa3df539feacefa125e0c) Merge pull request #19416 from open-webui/dev - [`9899293`](https://github.com/open-webui/open-webui/commit/9899293f050ad50ae12024cbebee7e018acd851e) Merge pull request #19448 from open-webui/dev - [`140605e`](https://github.com/open-webui/open-webui/commit/140605e660b8186a7d5c79fb3be6ffb147a2f498) Merge pull request #19462 from open-webui/dev - [`6f1486f`](https://github.com/open-webui/open-webui/commit/6f1486ffd0cb288d0e21f41845361924e0d742b3) Merge pull request #19466 from open-webui/dev - [`d95f533`](https://github.com/open-webui/open-webui/commit/d95f533214e3fe5beb5e41ec1f349940bc4c7043) Merge pull request #19729 from open-webui/dev - [`a727153`](https://github.com/open-webui/open-webui/commit/a7271532f8a38da46785afcaa7e65f9a45e7d753) 0.6.43 (#20093) - [`6adde20`](https://github.com/open-webui/open-webui/commit/6adde203cd292a9e3af9c64a2ae36b603fed096a) Merge pull request #20394 from open-webui/dev - [`f9b0534`](https://github.com/open-webui/open-webui/commit/f9b0534e0c442631d1cb7205169588b9b6204179) Merge pull request #20522 from open-webui/dev ### 📊 Changes **1 file changed** (+0 additions, -1 deletions) <details> <summary>View changed files</summary> 📝 `backend/open_webui/retrieval/web/utils.py` (+0 -1) </details> ### 📄 Description Closes #24560 ### Description - Fix TypeError caused by duplicate `allow_redirects` keyword argument in `SafeWebBaseLoader._fetch()`, which broke all web search functionality when `WEB_LOADER_ENGINE` is `safe_web`. ### Fixed - Removed the explicit `allow_redirects=AIOHTTP_CLIENT_ALLOW_REDIRECTS` from the `session.get()` call in `_fetch()`. The value is already present in `self.requests_kwargs` (set in `__init__`), so the explicit parameter causes `aiohttp` to reject the duplicate kwarg. ### Root Cause In `__init__`, `allow_redirects` is added to `self.requests_kwargs`: ```python self.requests_kwargs = { **(self.requests_kwargs or {}), 'allow_redirects': AIOHTTP_CLIENT_ALLOW_REDIRECTS, } ``` Then in `_fetch`, it's passed twice: ```python async with session.get( url, **(self.requests_kwargs | kwargs), # already contains allow_redirects allow_redirects=AIOHTTP_CLIENT_ALLOW_REDIRECTS, # duplicate! ) as response: ``` ### Additional Information - Introduced by PR #24524 - Confirmed by @farid-abu-issa on Railway deployment - SSRF protection is preserved since the value remains in `self.requests_kwargs` --- ### Contributor License Agreement - [x] By submitting this pull request, I confirm that I have read and fully agree to the [Contributor License Agreement (CLA)](https://github.com/open-webui/open-webui/blob/main/CONTRIBUTOR_LICENSE_AGREEMENT), and I am providing my contributions under its terms. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
GiteaMirror added the pull-request label 2026-05-18 15:58:58 -05:00
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/open-webui#115048