[PR #24602] [CLOSED] fix: remove duplicate allow_redirects in SafeWebBaseLoader._fetch #131405

Closed
opened 2026-05-21 16:51:16 -05:00 by GiteaMirror · 0 comments
Owner

📋 Pull Request Information

Original PR: https://github.com/open-webui/open-webui/pull/24602
Author: @EvanYao826
Created: 5/12/2026
Status: Closed

Base: devHead: fix/safe-web-loader-dup-v3


📝 Commits (1)

  • b75e7fc fix: remove duplicate allow_redirects in SafeWebBaseLoader._fetch

📊 Changes

1 file changed (+0 additions, -1 deletions)

View changed files

📝 backend/open_webui/retrieval/web/utils.py (+0 -1)

📄 Description

Closes #24560

Description

  • Fix TypeError caused by duplicate allow_redirects keyword argument in SafeWebBaseLoader._fetch(), which broke all web search functionality when WEB_LOADER_ENGINE is safe_web.

Fixed

  • Removed the explicit allow_redirects=AIOHTTP_CLIENT_ALLOW_REDIRECTS from the session.get() call in _fetch(). The value is already present in self.requests_kwargs (set in __init__), so the explicit parameter causes aiohttp to reject the duplicate kwarg.

Root Cause

In __init__, allow_redirects is added to self.requests_kwargs:

self.requests_kwargs = {
    **(self.requests_kwargs or {}),
    'allow_redirects': AIOHTTP_CLIENT_ALLOW_REDIRECTS,
}

Then in _fetch, it's passed twice:

async with session.get(
    url,
    **(self.requests_kwargs | kwargs),  # already contains allow_redirects
    allow_redirects=AIOHTTP_CLIENT_ALLOW_REDIRECTS,  # duplicate!
) as response:

Additional Information


Contributor License Agreement


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/open-webui/open-webui/pull/24602 **Author:** [@EvanYao826](https://github.com/EvanYao826) **Created:** 5/12/2026 **Status:** ❌ Closed **Base:** `dev` ← **Head:** `fix/safe-web-loader-dup-v3` --- ### 📝 Commits (1) - [`b75e7fc`](https://github.com/open-webui/open-webui/commit/b75e7fc9d5bc464d39ff0ec6ae029a3f982d620f) fix: remove duplicate allow_redirects in SafeWebBaseLoader._fetch ### 📊 Changes **1 file changed** (+0 additions, -1 deletions) <details> <summary>View changed files</summary> 📝 `backend/open_webui/retrieval/web/utils.py` (+0 -1) </details> ### 📄 Description Closes #24560 ### Description - Fix TypeError caused by duplicate `allow_redirects` keyword argument in `SafeWebBaseLoader._fetch()`, which broke all web search functionality when `WEB_LOADER_ENGINE` is `safe_web`. ### Fixed - Removed the explicit `allow_redirects=AIOHTTP_CLIENT_ALLOW_REDIRECTS` from the `session.get()` call in `_fetch()`. The value is already present in `self.requests_kwargs` (set in `__init__`), so the explicit parameter causes `aiohttp` to reject the duplicate kwarg. ### Root Cause In `__init__`, `allow_redirects` is added to `self.requests_kwargs`: ```python self.requests_kwargs = { **(self.requests_kwargs or {}), 'allow_redirects': AIOHTTP_CLIENT_ALLOW_REDIRECTS, } ``` Then in `_fetch`, it's passed twice: ```python async with session.get( url, **(self.requests_kwargs | kwargs), # already contains allow_redirects allow_redirects=AIOHTTP_CLIENT_ALLOW_REDIRECTS, # duplicate! ) as response: ``` ### Additional Information - Introduced by PR #24524 - Confirmed by @farid-abu-issa on Railway deployment (v0.9.5) - SSRF protection is preserved since the value remains in `self.requests_kwargs` --- ### Contributor License Agreement - [x] By submitting this pull request, I confirm that I have read and fully agree to the [Contributor License Agreement (CLA)](https://github.com/open-webui/open-webui/blob/main/CONTRIBUTOR_LICENSE_AGREEMENT), and I am providing my contributions under its terms. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
GiteaMirror added the pull-request label 2026-05-21 16:51:17 -05:00
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/open-webui#131405