[PR #10299] [CLOSED] feat: Implement support for custom HTML & Javascript via banners system #22488

New Issue

GiteaMirror · 2026-04-20T04:11:13-05:00

GiteaMirror commented

2026-04-20 04:11:13 -05:00

📋 Pull Request Information

Original PR: https://github.com/open-webui/open-webui/pull/10299
Author: @taylorwilsdon
Created: 2/18/2025
Status: ❌ Closed

Base: dev ← Head: custom_html

📝 Commits (10+)

75e005b feat: add support for HTML banner type with custom content
5c94ec8 feat: add HTML banner type option to interface settings
01c3b29 fix: apply consistent styling to HTML banner content
c1ca4f8 feat: add silent HTML banner injection for scripts and analytics
ec05d55 feat: allow script tags in HTML banners via DOMPurify config
37c028b feat: rename HTML banner type to Custom and improve helper text
984bf28 Implement support for custom HTML & Javascript via banners system
f7401b9 feat: add security warning for custom HTML banner input
2256400 feat: add security warning for custom banner type execution
cc74c9a Move warning text

📊 Changes

2 files changed (+36 additions, -14 deletions)

View changed files

📝 src/lib/components/admin/Settings/Interface.svelte (+19 -8)
📝 src/lib/components/common/Banner.svelte (+17 -6)

📄 Description

Pull Request Checklist

Note to first-time contributors: Please open a discussion post in Discussions and describe your changes before submitting a pull request.

Before submitting, make sure you've checked the following:

Target branch: Please verify that the pull request targets the dev branch.
Description: Provide a concise description of the changes made in this pull request.
Changelog: Ensure a changelog entry following the format of Keep a Changelog is added at the bottom of the PR description.
Documentation: Have you updated relevant documentation Open WebUI Docs, or other documentation sources?
Dependencies: Are there any new dependencies? Have you updated the dependency versions in the documentation?
Testing: Have you written and run sufficient tests for validating the changes?
Code review: Have you performed a self-review of your code, addressing any coding standard issues and ensuring adherence to the project's coding standards?
Prefix: To cleary categorize this pull request, prefix the pull request title, using one of the following:
- BREAKING CHANGE: Significant changes that may affect compatibility
- build: Changes that affect the build system or external dependencies
- ci: Changes to our continuous integration processes or workflows
- chore: Refactor, cleanup, or other non-functional code changes
- docs: Documentation update or addition
- feat: Introduces a new feature or enhancement to the codebase
- fix: Bug fix or error correction
- i18n: Internationalization or localization changes
- perf: Performance improvement
- refactor: Code restructuring for better maintainability, readability, or scalability
- style: Changes that do not affect the meaning of the code (white-space, formatting, missing semi-colons, etc.)
- test: Adding missing tests or correcting existing tests
- WIP: Work in progress, a temporary label for incomplete or ongoing work

Changelog Entry

Description

Implement support for custom HTML & Javascript via banners system. One thing that's been a pain point with each upgrade is that my Google Analytics tag is wiped out. This would allow persistent storage of that and other use cases, utilizing the existing endpoints and storage for banners. Currently, the only way to inject my script tag into the content is by editing build/index.html directly in the container, which is not sustainable. This feature would implement support for a new Custom banner type, which would be subject to less sanitization and be capable of rendering arbitrary HTML or Javascript.

Added

New "Custom" type for banners and updated banner rendering system that will bypass content sanitization for HTML and Javascript if Custom is selected.
Displays warning banner about risk of arbitrary Javascript execution, only available to admins

Changed

Deprecated

Removed

Fixed

Security

Breaking Changes

Additional Information

Idea / discussion #10298

Screenshots or Videos

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/open-webui/open-webui/pull/10299 **Author:** [@taylorwilsdon](https://github.com/taylorwilsdon) **Created:** 2/18/2025 **Status:** ❌ Closed **Base:** `dev` ← **Head:** `custom_html` --- ### 📝 Commits (10+) - [`75e005b`](https://github.com/open-webui/open-webui/commit/75e005bc4212faee2fe0474111907207eba3bc8f) feat: add support for HTML banner type with custom content - [`5c94ec8`](https://github.com/open-webui/open-webui/commit/5c94ec8d14ddd2f348948e8fd9bf004335135a78) feat: add HTML banner type option to interface settings - [`01c3b29`](https://github.com/open-webui/open-webui/commit/01c3b29d574fca43e32c0294b41775863c5baf9e) fix: apply consistent styling to HTML banner content - [`c1ca4f8`](https://github.com/open-webui/open-webui/commit/c1ca4f8e783fc9bf0e5ca11ff056287c94d0d8af) feat: add silent HTML banner injection for scripts and analytics - [`ec05d55`](https://github.com/open-webui/open-webui/commit/ec05d552c3e56bd316018b76688e6be489cfc171) feat: allow script tags in HTML banners via DOMPurify config - [`37c028b`](https://github.com/open-webui/open-webui/commit/37c028b2e6692731dde7b34a901a1f707888a955) feat: rename HTML banner type to Custom and improve helper text - [`984bf28`](https://github.com/open-webui/open-webui/commit/984bf2844c467f088d3712f34aef5c01e0c6cbc8) Implement support for custom HTML & Javascript via banners system - [`f7401b9`](https://github.com/open-webui/open-webui/commit/f7401b93b1b8c0dc12dce9ae7901debf431798f8) feat: add security warning for custom HTML banner input - [`2256400`](https://github.com/open-webui/open-webui/commit/225640048c42562f831b1eb2454fdfa839fe320e) feat: add security warning for custom banner type execution - [`cc74c9a`](https://github.com/open-webui/open-webui/commit/cc74c9ae61e1a7915c2dac145c1d1164e8fc1337) Move warning text ### 📊 Changes **2 files changed** (+36 additions, -14 deletions) <details> <summary>View changed files</summary> 📝 `src/lib/components/admin/Settings/Interface.svelte` (+19 -8) 📝 `src/lib/components/common/Banner.svelte` (+17 -6) </details> ### 📄 Description # Pull Request Checklist ### Note to first-time contributors: Please open a discussion post in [Discussions](https://github.com/open-webui/open-webui/discussions) and describe your changes before submitting a pull request. **Before submitting, make sure you've checked the following:** - [x] **Target branch:** Please verify that the pull request targets the `dev` branch. - [x] **Description:** Provide a concise description of the changes made in this pull request. - [x] **Changelog:** Ensure a changelog entry following the format of [Keep a Changelog](https://keepachangelog.com/) is added at the bottom of the PR description. - [x] **Documentation:** Have you updated relevant documentation [Open WebUI Docs](https://github.com/open-webui/docs), or other documentation sources? - [x] **Dependencies:** Are there any new dependencies? Have you updated the dependency versions in the documentation? - [x] **Testing:** Have you written and run sufficient tests for validating the changes? - [x] **Code review:** Have you performed a self-review of your code, addressing any coding standard issues and ensuring adherence to the project's coding standards? - [x] **Prefix:** To cleary categorize this pull request, prefix the pull request title, using one of the following: - **BREAKING CHANGE**: Significant changes that may affect compatibility - **build**: Changes that affect the build system or external dependencies - **ci**: Changes to our continuous integration processes or workflows - **chore**: Refactor, cleanup, or other non-functional code changes - **docs**: Documentation update or addition - **feat**: Introduces a new feature or enhancement to the codebase - **fix**: Bug fix or error correction - **i18n**: Internationalization or localization changes - **perf**: Performance improvement - **refactor**: Code restructuring for better maintainability, readability, or scalability - **style**: Changes that do not affect the meaning of the code (white-space, formatting, missing semi-colons, etc.) - **test**: Adding missing tests or correcting existing tests - **WIP**: Work in progress, a temporary label for incomplete or ongoing work # Changelog Entry ### Description - Implement support for custom HTML & Javascript via banners system. One thing that's been a pain point with each upgrade is that my Google Analytics tag is wiped out. This would allow persistent storage of that and other use cases, utilizing the existing endpoints and storage for banners. Currently, the only way to inject my script tag into the content is by editing build/index.html directly in the container, which is not sustainable. This feature would implement support for a new Custom banner type, which would be subject to less sanitization and be capable of rendering arbitrary HTML or Javascript. ### Added - New "Custom" type for banners and updated banner rendering system that will bypass content sanitization for HTML and Javascript if Custom is selected. - Displays warning banner about risk of arbitrary Javascript execution, only available to admins - ### Changed ### Deprecated ### Removed ### Fixed ### Security ### Breaking Changes --- ### Additional Information Idea / discussion #10298 ### Screenshots or Videos ![image](https://github.com/user-attachments/assets/173e63de-dd61-4a75-9a61-75c0dcf1d618) --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>

GiteaMirror added the pull-request label 2026-04-20 04:11:13 -05:00

GiteaMirror closed this issue

2026-04-20 04:11:14 -05:00

GiteaMirror referenced this issue

2026-04-25 09:28:59 -05:00

[GH-ISSUE #22488] feat: Removing Chat Folder Icon #35250

GiteaMirror referenced this issue

2026-05-05 23:05:21 -05:00

[GH-ISSUE #22488] feat: Removing Chat Folder Icon #58387

Sign in to join this conversation.