[PR #18646] [CLOSED] fix(auth): Decode trusted name header to support non-ASCII usernames #11662

New Issue

GiteaMirror · 2025-11-11T19:38:01-06:00

GiteaMirror commented

2025-11-11 19:38:01 -06:00

📋 Pull Request Information

Original PR: https://github.com/open-webui/open-webui/pull/18646
Author: @JungJunYong
Created: 10/27/2025
Status: ❌ Closed

Base: dev ← Head: fix-auth-decode

📝 Commits (1)

83fef0c fix(auth): Decode trusted name header to support non-ASCII usernames

📊 Changes

1 file changed (+9 additions, -1 deletions)

View changed files

📝 backend/open_webui/routers/auths.py (+9 -1)

📄 Description

Description

This PR fixes an issue where usernames containing non-ASCII characters (e.g., Korean, Japanese, Cyrillic) were displayed incorrectly during trusted header authentication.

The name would appear as a raw URL-encoded string (like %ED%99%8D...) instead of the actual characters (e.g., 홍길동).

How it was fixed

The problem occurred because the backend was reading the WEBUI_AUTH_TRUSTED_NAME_HEADER value directly without decoding it.

This fix introduces urllib.parse.unquote to the sign-in logic. This correctly decodes the header value, converting any URL-encoded sequences back into their original characters before assigning the name to the user.

This ensures usernames in all languages are displayed correctly while still allowing for safe transport of non-ASCII characters in HTTP headers.

contributor license agreement

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/open-webui/open-webui/pull/18646 **Author:** [@JungJunYong](https://github.com/JungJunYong) **Created:** 10/27/2025 **Status:** ❌ Closed **Base:** `dev` ← **Head:** `fix-auth-decode` --- ### 📝 Commits (1) - [`83fef0c`](https://github.com/open-webui/open-webui/commit/83fef0cb44fd440ca19106b836720dbbc10bc972) fix(auth): Decode trusted name header to support non-ASCII usernames ### 📊 Changes **1 file changed** (+9 additions, -1 deletions) <details> <summary>View changed files</summary> 📝 `backend/open_webui/routers/auths.py` (+9 -1) </details> ### 📄 Description ## Description This PR fixes an issue where usernames containing non-ASCII characters (e.g., Korean, Japanese, Cyrillic) were displayed incorrectly during trusted header authentication. The name would appear as a raw URL-encoded string (like `%ED%99%8D...`) instead of the actual characters (e.g., `홍길동`). ## How it was fixed The problem occurred because the backend was reading the `WEBUI_AUTH_TRUSTED_NAME_HEADER` value directly without decoding it. This fix introduces `urllib.parse.unquote` to the sign-in logic. This correctly decodes the header value, converting any URL-encoded sequences back into their original characters before assigning the name to the user. This ensures usernames in all languages are displayed correctly while still allowing for safe transport of non-ASCII characters in HTTP headers. contributor license agreement --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>

GiteaMirror added the pull-request label 2025-11-11 19:38:01 -06:00

GiteaMirror closed this issue

2025-11-11 19:38:01 -06:00

GiteaMirror referenced this issue

2026-04-19 22:16:18 -05:00

[GH-ISSUE #11662] issue: QuotaExceededError when sending a large image (14MB) to gemini-2.0-pro #16313

GiteaMirror referenced this issue

2026-04-25 05:44:27 -05:00

[GH-ISSUE #11662] issue: QuotaExceededError when sending a large image (14MB) to gemini-2.0-pro #31842

GiteaMirror referenced this issue

2026-05-05 16:58:23 -05:00

[GH-ISSUE #11662] issue: QuotaExceededError when sending a large image (14MB) to gemini-2.0-pro #54979