[PR #24756] fix: validate Playwright navigations and gate redirects in web loader #115133

Open
opened 2026-05-18 16:05:42 -05:00 by GiteaMirror · 0 comments
Owner

📋 Pull Request Information

Original PR: https://github.com/open-webui/open-webui/pull/24756
Author: @Classic298
Created: 5/15/2026
Status: 🔄 Open

Base: devHead: fix/playwright-redirect-ssrf


📝 Commits (1)

  • 202bd11 fix: validate Playwright navigations and gate redirects in web loader

📊 Changes

1 file changed (+58 additions, -0 deletions)

View changed files

📝 backend/open_webui/retrieval/web/utils.py (+58 -0)

📄 Description

SafePlaywrightURLLoader validated only the initially submitted URL and then let the browser follow HTTP redirects and client-side navigations without re-checking them, so a public URL could redirect into the internal network (cloud metadata, RFC1918, loopback). Intercept document-type requests, re-run validate_url on each, and apply the same redirect policy as the requests loader (blocked unless AIOHTTP_CLIENT_ALLOW_REDIRECTS). Sub-resource requests pass through unchanged so page rendering performance is unaffected.

Contributor License Agreement

Note

Deleting the CLA section will lead to immediate closure of your PR and it will not be merged in.


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/open-webui/open-webui/pull/24756 **Author:** [@Classic298](https://github.com/Classic298) **Created:** 5/15/2026 **Status:** 🔄 Open **Base:** `dev` ← **Head:** `fix/playwright-redirect-ssrf` --- ### 📝 Commits (1) - [`202bd11`](https://github.com/open-webui/open-webui/commit/202bd1116eae9c838738448e92ea666890ac794b) fix: validate Playwright navigations and gate redirects in web loader ### 📊 Changes **1 file changed** (+58 additions, -0 deletions) <details> <summary>View changed files</summary> 📝 `backend/open_webui/retrieval/web/utils.py` (+58 -0) </details> ### 📄 Description SafePlaywrightURLLoader validated only the initially submitted URL and then let the browser follow HTTP redirects and client-side navigations without re-checking them, so a public URL could redirect into the internal network (cloud metadata, RFC1918, loopback). Intercept document-type requests, re-run validate_url on each, and apply the same redirect policy as the requests loader (blocked unless AIOHTTP_CLIENT_ALLOW_REDIRECTS). Sub-resource requests pass through unchanged so page rendering performance is unaffected. ### Contributor License Agreement <!-- 🚨 DO NOT DELETE THE TEXT BELOW 🚨 Keep the "Contributor License Agreement" confirmation text intact. Deleting it will trigger the CLA-Bot to INVALIDATE your PR. Your PR will NOT be reviewed or merged until you check the box below confirming that you have read and agree to the terms of the CLA. --> - [x] By submitting this pull request, I confirm that I have read and fully agree to the [Contributor License Agreement (CLA)](https://github.com/open-webui/open-webui/blob/main/CONTRIBUTOR_LICENSE_AGREEMENT), and I am providing my contributions under its terms. > [!NOTE] > Deleting the CLA section will lead to immediate closure of your PR and it will not be merged in. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
GiteaMirror added the pull-request label 2026-05-18 16:05:42 -05:00
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/open-webui#115133