[PR #14104] [MERGED] fix: handle escaped characters in DATABASE_URL username #39019

New Issue

GiteaMirror · 2026-04-25T11:45:57-05:00

GiteaMirror commented

2026-04-25 11:45:57 -05:00

📋 Pull Request Information

Original PR: https://github.com/open-webui/open-webui/pull/14104
Author: @bassettb
Created: 5/20/2025
Status: ✅ Merged
Merged: 5/20/2025
Merged by: @tjbck

Base: dev ← Head: bryan/parse-db-user-chars

📝 Commits (1)

12896fb use unquote_user in peewee 3.17.10

📊 Changes

3 files changed (+4 additions, -4 deletions)

View changed files

📝 backend/open_webui/internal/wrappers.py (+2 -2)
📝 backend/requirements.txt (+1 -1)
📝 pyproject.toml (+1 -1)

📄 Description

Changelog Entry

Description

When specifying an external database using the DATABASE_URL, the username might contain an escaped @ sign (%40), just like the password might contain escaped special characters. OpenWebUI should properly decode this URL and unescape the %40 back into @ before sending the username to the database. The call to the Peewee library unescapes the password, but not the username. SqlAlchemy handles it for both username and password.
This PR updates the call to Peewee, instructing it to unescape special characters in the username. This feature was recently added to Peewee.

Fixed

Proper handling of escaped special characters in the username part of the DATABASE_URL

Additional Information

Fixes [GH-ISSUE #619] feat: per-chat and/or per-model system prompt (#12145)

Contributor License Agreement

By submitting this pull request, I confirm that I have read and fully agree to the Contributor License Agreement (CLA), and I am providing my contributions under its terms.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/open-webui/open-webui/pull/14104 **Author:** [@bassettb](https://github.com/bassettb) **Created:** 5/20/2025 **Status:** ✅ Merged **Merged:** 5/20/2025 **Merged by:** [@tjbck](https://github.com/tjbck) **Base:** `dev` ← **Head:** `bryan/parse-db-user-chars` --- ### 📝 Commits (1) - [`12896fb`](https://github.com/open-webui/open-webui/commit/12896fb7281130831dbbd0a4044675d3c89e35a5) use unquote_user in peewee 3.17.10 ### 📊 Changes **3 files changed** (+4 additions, -4 deletions) <details> <summary>View changed files</summary> 📝 `backend/open_webui/internal/wrappers.py` (+2 -2) 📝 `backend/requirements.txt` (+1 -1) 📝 `pyproject.toml` (+1 -1) </details> ### 📄 Description # Changelog Entry ### Description - When specifying an external database using the DATABASE_URL, the username might contain an escaped @ sign (`%40`), just like the password might contain escaped special characters. OpenWebUI should properly decode this URL and unescape the `%40` back into `@` before sending the username to the database. The call to the Peewee library unescapes the password, but not the username. SqlAlchemy handles it for both username and password. - This PR updates the call to Peewee, instructing it to unescape special characters in the username. This feature was recently added to Peewee. ### Fixed - Proper handling of escaped special characters in the username part of the DATABASE_URL --- ### Additional Information - Fixes #12145 ### Contributor License Agreement By submitting this pull request, I confirm that I have read and fully agree to the [Contributor License Agreement (CLA)](/CONTRIBUTOR_LICENSE_AGREEMENT), and I am providing my contributions under its terms. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>

GiteaMirror added the pull-request label 2026-04-25 11:45:57 -05:00

GiteaMirror closed this issue

2026-04-25 11:45:58 -05:00

Sign in to join this conversation.

Branches Tags

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/open-webui#39019