[PR #24809] fix: disable redirect following in OAuth picture fetch (SSRF) #115171

Open
opened 2026-05-18 16:07:27 -05:00 by GiteaMirror · 0 comments
Owner

📋 Pull Request Information

Original PR: https://github.com/open-webui/open-webui/pull/24809
Author: @Classic298
Created: 5/16/2026
Status: 🔄 Open

Base: devHead: fix/oauth-picture-url-redirect-ssrf


📝 Commits (1)

  • 6da480a fix: disable redirect following in OAuth picture fetch (SSRF)

📊 Changes

1 file changed (+7 additions, -1 deletions)

View changed files

📝 backend/open_webui/utils/oauth.py (+7 -1)

📄 Description

_process_picture_url validated the initial picture URL with validate_url() but then aiohttp followed 3xx redirects without re-validating the target, so a validate_url-passing public URL could 302 to an internal address and the body was base64-stored in the user's profile_image_url. This is the sixth call site of the CVE-2026-45401 redirect-bypass cohort; the other five already pass allow_redirects=AIOHTTP_CLIENT_ALLOW_REDIRECTS. Apply the same.

Contributor License Agreement

Note

Deleting the CLA section will lead to immediate closure of your PR and it will not be merged in.


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/open-webui/open-webui/pull/24809 **Author:** [@Classic298](https://github.com/Classic298) **Created:** 5/16/2026 **Status:** 🔄 Open **Base:** `dev` ← **Head:** `fix/oauth-picture-url-redirect-ssrf` --- ### 📝 Commits (1) - [`6da480a`](https://github.com/open-webui/open-webui/commit/6da480a1e83280acf9117a1355fa92f5f9cc75fa) fix: disable redirect following in OAuth picture fetch (SSRF) ### 📊 Changes **1 file changed** (+7 additions, -1 deletions) <details> <summary>View changed files</summary> 📝 `backend/open_webui/utils/oauth.py` (+7 -1) </details> ### 📄 Description _process_picture_url validated the initial picture URL with validate_url() but then aiohttp followed 3xx redirects without re-validating the target, so a validate_url-passing public URL could 302 to an internal address and the body was base64-stored in the user's profile_image_url. This is the sixth call site of the CVE-2026-45401 redirect-bypass cohort; the other five already pass allow_redirects=AIOHTTP_CLIENT_ALLOW_REDIRECTS. Apply the same. ### Contributor License Agreement <!-- 🚨 DO NOT DELETE THE TEXT BELOW 🚨 Keep the "Contributor License Agreement" confirmation text intact. Deleting it will trigger the CLA-Bot to INVALIDATE your PR. Your PR will NOT be reviewed or merged until you check the box below confirming that you have read and agree to the terms of the CLA. --> - [x] By submitting this pull request, I confirm that I have read and fully agree to the [Contributor License Agreement (CLA)](https://github.com/open-webui/open-webui/blob/main/CONTRIBUTOR_LICENSE_AGREEMENT), and I am providing my contributions under its terms. > [!NOTE] > Deleting the CLA section will lead to immediate closure of your PR and it will not be merged in. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
GiteaMirror added the pull-request label 2026-05-18 16:07:27 -05:00
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/open-webui#115171