[GH-ISSUE #7773] Feature: Support .ZIP for "uploads" #14883

New Issue

Closed

opened 2026-04-19 21:08:18 -05:00 by GiteaMirror · 10 comments

GiteaMirror commented 2026-04-19 21:08:18 -05:00

Owner

Copy Link

Originally created by @spammenotinoz on GitHub (Dec 11, 2024).
Original GitHub issue: https://github.com/open-webui/open-webui/issues/7773

Feature Request

Ability to upload .zip files into the chat.

Current Behavior requires extraction of zip file contents before they can be uploaded.

When attempted the error received is
File "/usr/local/lib/python3.11/site-packages/langchain_community/document_loaders/text.py", line 46, in lazy_load
detected_encodings = detect_file_encodings(self.file_path)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/langchain_community/document_loaders/helpers.py", line 50, in detect_file_encodings
raise RuntimeError(f"Could not detect encoding for {file_path}")
RuntimeError: Could not detect encoding for /app/backend/data/uploads/hshfsdfshdfdslfk_pure-support-guide.zip
ERROR [open_webui.apps.webui.routers.files] 400: Could not detect encoding for /app/backend/data/uploads/hshfsdfshdfdslf_pure-support-guide.zip

Originally created by @spammenotinoz on GitHub (Dec 11, 2024). Original GitHub issue: https://github.com/open-webui/open-webui/issues/7773 # Feature Request Ability to upload .zip files into the chat. Current Behavior requires extraction of zip file contents before they can be uploaded. When attempted the error received is File "/usr/local/lib/python3.11/site-packages/langchain_community/document_loaders/text.py", line 46, in lazy_load detected_encodings = detect_file_encodings(self.file_path) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/site-packages/langchain_community/document_loaders/helpers.py", line 50, in detect_file_encodings raise RuntimeError(f"Could not detect encoding for {file_path}") RuntimeError: Could not detect encoding for /app/backend/data/uploads/hshfsdfshdfdslfk_pure-support-guide.zip ERROR [open_webui.apps.webui.routers.files] 400: Could not detect encoding for /app/backend/data/uploads/hshfsdfshdfdslf_pure-support-guide.zip

GiteaMirror closed this issue 2026-04-19 21:08:18 -05:00

GiteaMirror commented 2026-04-19 21:08:22 -05:00

Author

Owner

Copy Link

@spammenotinoz commented on GitHub (Dec 16, 2024):

Hi silentoplayz, is this closed as NOT intended or closed due to it's already supported but a user error, as in I am doing something wrong.

<!-- gh-comment-id:2544571744 --> @spammenotinoz commented on GitHub (Dec 16, 2024): Hi [silentoplayz](https://github.com/silentoplayz), is this closed as NOT intended or closed due to it's already supported but a user error, as in I am doing something wrong.

GiteaMirror commented 2026-04-19 21:08:23 -05:00

Author

Owner

Copy Link

@spammenotinoz commented on GitHub (Dec 16, 2024):

Thank-you for taking the time to provide such a comprehensive response.

<!-- gh-comment-id:2546839637 --> @spammenotinoz commented on GitHub (Dec 16, 2024): Thank-you for taking the time to provide such a comprehensive response.

GiteaMirror commented 2026-04-19 21:08:24 -05:00

Author

Owner

Copy Link

@bnewddt commented on GitHub (Dec 29, 2024):

@slientoplayz

understood, but somehow we have to get rid of openai services

<!-- gh-comment-id:2564740241 --> @bnewddt commented on GitHub (Dec 29, 2024): @slientoplayz understood, but somehow we have to get rid of openai services

GiteaMirror commented 2026-04-19 21:08:25 -05:00

Author

Owner

Copy Link

@ldemailly commented on GitHub (Mar 6, 2025):

For the record this seems a bit strange... The whole idea is running locally... if I upload bad zip files, it's sort of my fault and I don't see how that's worse than fetching random URLs from the internet? it would be a lot more convenient than adding files one by one when for instance wanting to give a source tree as context

<!-- gh-comment-id:2702356069 --> @ldemailly commented on GitHub (Mar 6, 2025): For the record this seems a bit strange... The whole idea is running locally... if I upload bad zip files, it's sort of my fault and I don't see how that's worse than fetching random URLs from the internet? it would be a lot more convenient than adding files one by one when for instance wanting to give a source tree as context

GiteaMirror commented 2026-04-19 21:08:26 -05:00

Author

Owner

Copy Link

@Dibidydabs commented on GitHub (Mar 18, 2025):

This refusal makes no sense.
Just as Idemailly states, it is far more dangerous to scrape webpages.
You have exploitDB and other places that have active malware, droppers and other malicious code.
Github contains malicious code as well.

Also, if it was such a problem, why does almost every service out there accept them?

Not trying to ruffle feathers, but just pointing out that the excuse for not letting us be able to upload zips seems very arbitrary.

As for zip slip, that is an easy fix.
Every zip is in its only subfolder. No overwriting the files this way.
Also implementing a simple script to rename files of duplicates usually works quite well.

As for arbitrary code execution. That shouldn't happen unless their is specific code to try and install from a zip file. Or to execute scripts from a zip file. Just simply extracting and moving it to a folder should not allow arbitrary code.

For resource exhaustion. You can simply put a toggle to enable or disable the allowance of zip files for those that are in a production environment. You can also set a file size limit on the zip files. Then you could also set it to process in chunks/shards to reduce the resources needed.

Again, for malware content, that is an excuse.
As you should not be executing any code from an uploaded zip file.
This should be standard anyways.
If I upload a .sh file, does it execute the file or does it read the file?
If I upload a python file, does it just read the code or does it execute the code?

Is this not an option you can just turn on or off? I have a toggle to disable code execution.
It shouldn't be too hard to disable arbitrary code execution from an uploaded file.

<!-- gh-comment-id:2733858134 --> @Dibidydabs commented on GitHub (Mar 18, 2025): This refusal makes no sense. Just as Idemailly states, it is far more dangerous to scrape webpages. You have exploitDB and other places that have active malware, droppers and other malicious code. Github contains malicious code as well. Also, if it was such a problem, why does almost every service out there accept them? Not trying to ruffle feathers, but just pointing out that the excuse for not letting us be able to upload zips seems very arbitrary. As for zip slip, that is an easy fix. Every zip is in its only subfolder. No overwriting the files this way. Also implementing a simple script to rename files of duplicates usually works quite well. As for arbitrary code execution. That shouldn't happen unless their is specific code to try and install from a zip file. Or to execute scripts from a zip file. Just simply extracting and moving it to a folder should not allow arbitrary code. For resource exhaustion. You can simply put a toggle to enable or disable the allowance of zip files for those that are in a production environment. You can also set a file size limit on the zip files. Then you could also set it to process in chunks/shards to reduce the resources needed. Again, for malware content, that is an excuse. As you should not be executing any code from an uploaded zip file. This should be standard anyways. If I upload a .sh file, does it execute the file or does it read the file? If I upload a python file, does it just read the code or does it execute the code? Is this not an option you can just turn on or off? I have a toggle to disable code execution. It shouldn't be too hard to disable arbitrary code execution from an uploaded file.

GiteaMirror commented 2026-04-19 21:08:26 -05:00

Author

Owner

Copy Link

@GameBully2K commented on GitHub (Apr 18, 2025):

Maybe make it a feature that only runs on localhost with CORS policy since this would be beneficial for local developement

<!-- gh-comment-id:2815180926 --> @GameBully2K commented on GitHub (Apr 18, 2025): Maybe make it a feature that only runs on localhost with CORS policy since this would be beneficial for local developement

GiteaMirror commented 2026-04-19 21:08:27 -05:00

Author

Owner

Copy Link

@ifgreulich commented on GitHub (Jun 26, 2025):

I agree with @Dibidydabs, it's more a matter of careful implementation of zip file handling and can be implemented safely. Office file formats (e.g. docx or PDF, which is supported) are much more problematic. Even PDF can contain JavaScript...

Actually, not being able to upload archive files (at least zip) reduces the usability of a in my eyes well done UI considerably:

• Unable to upload a number of coherent files make a model work on that.
• Sometimes even the structure between files is important (e.g. code)

Maybe you (the team may rethink the denial of the feature request?

<!-- gh-comment-id:3008842069 --> @ifgreulich commented on GitHub (Jun 26, 2025): I agree with @Dibidydabs, it's more a matter of careful implementation of zip file handling and can be implemented safely. Office file formats (e.g. docx or PDF, which is supported) are much more problematic. Even PDF can contain JavaScript... Actually, not being able to upload archive files (at least zip) reduces the usability of a in my eyes well done UI considerably: - Unable to upload a number of coherent files make a model work on that. - Sometimes even the structure between files is important (e.g. code) Maybe you (the team may rethink the denial of the feature request?

GiteaMirror commented 2026-04-19 21:08:27 -05:00

Author

Owner

Copy Link

@Krashnicov commented on GitHub (Jul 9, 2025):

I feel there is a lot of this convo that I can't see, not sure why?

Either way, a reconsideration of this (I infer that it's closed due to not intended?) would be good and useful.

<!-- gh-comment-id:3052594468 --> @Krashnicov commented on GitHub (Jul 9, 2025): I feel there is a lot of this convo that I can't see, not sure why? Either way, a reconsideration of this (I infer that it's closed due to not intended?) would be good and useful.

GiteaMirror commented 2026-04-19 21:08:28 -05:00

Author

Owner

Copy Link

@BestBackwards commented on GitHub (Jul 30, 2025):

Per the above, I have raised another feature request for this as I believe this request was improperly handled by one of the contributors.

<!-- gh-comment-id:3136955135 --> @BestBackwards commented on GitHub (Jul 30, 2025): Per the above, I have raised another feature request for this as I believe this request was improperly handled by one of the contributors.

GiteaMirror commented 2026-04-19 21:08:28 -05:00

Author

Owner

Copy Link

@silentoplayz commented on GitHub (Jul 30, 2025):

Per the above, I have raised another feature request for this as I believe this request was improperly handled by one of the contributors.

This issue was handled with security of our users in mind. I could've very easily closed it as "not planned". Anyways, I'll try to remain respectful of other people's perspectives and will let the actual maintainer handle the new issue post as he wishes. I'm no longer taking part of this discussion.

<!-- gh-comment-id:3137187684 --> @silentoplayz commented on GitHub (Jul 30, 2025): > Per the above, I have raised another feature request for this as I believe this request was improperly handled by one of the contributors. This issue was handled with security of our users in mind. I could've very easily closed it as "not planned". Anyways, I'll try to remain respectful of other people's perspectives and will let the actual maintainer handle the new issue post as he wishes. I'm no longer taking part of this discussion.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

dev

v0.9.2

v0.9.1

v0.9.0

v0.8.12

v0.8.11

v0.8.10

v0.8.9

v0.8.8

v0.8.7

v0.8.6

v0.8.5

v0.8.4

v0.8.3

v0.8.2

v0.8.1

v0.8.0

v0.7.2

v0.7.1

v0.7.0

v0.6.43

v0.6.42

v0.6.41

v0.6.40

v0.6.39

v0.6.38

v0.6.37

v0.6.36

v0.6.35

v0.6.34

v0.6.33

v0.6.32

v0.6.31

v0.6.30

v0.6.29

v0.6.28

v0.6.27

v0.6.26

v0.6.25

v0.6.24

v0.6.23

v0.6.22

v0.6.21

v0.6.20

v0.6.19

v0.6.18

v0.6.17

v0.6.16

v0.6.15

v0.6.14

v0.6.13

v0.6.12

v0.6.11

v0.6.10

v0.6.9

v0.6.8

v0.6.7

v0.6.6

v0.6.5

v0.6.4

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.20

v0.5.19

v0.5.18

v0.5.17

v0.5.16

v0.5.15

v0.5.14

v0.5.13

v0.5.12

v0.5.11

v0.5.10

v0.5.9

v0.5.8

v0.5.7

v0.5.6

v0.5.5

v0.5.4

v0.5.3

v0.5.2

v0.5.1

v0.5.0

v0.4.8

v0.4.7

v0.4.6

v0.4.5

v0.4.4

v0.4.3

v0.4.2

v0.4.1

v0.4.0

v0.3.35

v0.3.34

v0.3.33

v0.3.32

v0.3.31

v0.3.30

v0.3.29

v0.3.28

v0.3.27

v0.3.26

v0.3.25

v0.3.24

v0.3.23

v0.3.22

v0.3.21

v0.3.20

v0.3.19

v0.3.18

v0.3.17

v0.3.16

v0.3.15

v0.3.14

v0.3.13

v0.3.12

v0.3.11

v0.3.10

v0.3.9

v0.3.8

v0.3.7

v0.3.6

v0.3.5

v0.3.4

v0.3.3

v0.3.2

v0.3.1

v0.3.0

v0.2.5

v0.2.4

v0.2.3

v0.2.2

v0.2.1

v0.2.0

v0.1.125

v0.1.124

v0.1.123

v0.1.122

v0.1.121

v0.1.120

v0.1.119

v0.1.118

v0.1.117

v0.1.116

v0.1.115

v0.1.114

v0.1.113

v0.1.112

v0.1.111

v0.1.110

v0.1.109

v0.1.108

v0.1.107

v0.1.106

v0.1.105

v0.1.104

v0.1.103

v0.1.102

Labels

Clear labels

bug

confirmed

confirmed issue

core

documentation

enhancement

good first issue

help wanted

non-core

pull-request

Mirrored from GitHub Pull Request

python

question

testing wanted

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/open-webui#14883