feat: Secure Client-Side Web Browsing for browse_url Feature #4550

New Issue

Closed

opened 2025-11-11 15:56:38 -06:00 by GiteaMirror · 0 comments

GiteaMirror commented 2025-11-11 15:56:38 -06:00

Owner

Copy Link

Originally created by @flefevre on GitHub (Mar 25, 2025).

Check Existing Issues

• I have searched the existing issues and discussions.

Problem Description

Description:
Currently, the browse_url feature in Open WebUI is implemented server-side, which poses several challenges:

Server-side internet access is restricted via whitelisting, limiting its usability.

Users lack control over the exact queries sent by the LLM, which can lead to unintended data exposure.

Proposed Solution:

Implement a client-side browsing approach, allowing the user's local machine to handle web requests instead of the server.

Desired Solution you'd like

Key Features:

1. Client-Side Execution

Offload web search and browsing tasks to the user's machine.

Use browser APIs (e.g., fetch, WebView, or an extension) to perform searches directly.

2. User-Controlled Query Validation

Provide an interactive mode where users can review and approve search queries before they are executed.

Display the exact request generated by the LLM, giving full transparency.

3. Security & Privacy Enhancements

Ensure that sensitive data is not accidentally sent to external services.

Allow users to define custom filtering rules or manually edit queries before execution.

Alternatives Considered

No response

Additional Context

Expected Benefits:

✅ Bypasses server-side internet restrictions (whitelist issues).
✅ Improves user control and transparency over web queries.
✅ Reduces risks of unintended data exposure by enforcing query validation.

Would love to hear thoughts from the maintainers on feasibility and best practices for implementation!

François

Originally created by @flefevre on GitHub (Mar 25, 2025). ### Check Existing Issues - [x] I have searched the existing issues and discussions. ### Problem Description **Description**: Currently, the browse_url feature in Open WebUI is implemented server-side, which poses several challenges: Server-side internet access is restricted via whitelisting, limiting its usability. Users lack control over the exact queries sent by the LLM, which can lead to unintended data exposure. **Proposed Solution:** Implement a client-side browsing approach, allowing the user's local machine to handle web requests instead of the server. ### Desired Solution you'd like **Key Features:** 1. Client-Side Execution Offload web search and browsing tasks to the user's machine. Use browser APIs (e.g., fetch, WebView, or an extension) to perform searches directly. 2. User-Controlled Query Validation Provide an interactive mode where users can review and approve search queries before they are executed. Display the exact request generated by the LLM, giving full transparency. 3. Security & Privacy Enhancements Ensure that sensitive data is not accidentally sent to external services. Allow users to define custom filtering rules or manually edit queries before execution. ### Alternatives Considered _No response_ ### Additional Context **Expected Benefits:** ✅ Bypasses server-side internet restrictions (whitelist issues). ✅ Improves user control and transparency over web queries. ✅ Reduces risks of unintended data exposure by enforcing query validation. Would love to hear thoughts from the maintainers on feasibility and best practices for implementation! François

GiteaMirror closed this issue 2025-11-11 15:56:38 -06:00

GiteaMirror referenced this issue 2026-04-19 20:18:58 -05:00

[GH-ISSUE #4550] enh: config.json to db #13650

GiteaMirror referenced this issue 2026-04-25 03:37:13 -05:00

[GH-ISSUE #4550] enh: config.json to db #29178

GiteaMirror referenced this issue 2026-05-05 13:26:56 -05:00

[GH-ISSUE #4550] enh: config.json to db #52316

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

dev

v0.9.2

v0.9.1

v0.9.0

v0.8.12

v0.8.11

v0.8.10

v0.8.9

v0.8.8

v0.8.7

v0.8.6

v0.8.5

v0.8.4

v0.8.3

v0.8.2

v0.8.1

v0.8.0

v0.7.2

v0.7.1

v0.7.0

v0.6.43

v0.6.42

v0.6.41

v0.6.40

v0.6.39

v0.6.38

v0.6.37

v0.6.36

v0.6.35

v0.6.34

v0.6.33

v0.6.32

v0.6.31

v0.6.30

v0.6.29

v0.6.28

v0.6.27

v0.6.26

v0.6.25

v0.6.24

v0.6.23

v0.6.22

v0.6.21

v0.6.20

v0.6.19

v0.6.18

v0.6.17

v0.6.16

v0.6.15

v0.6.14

v0.6.13

v0.6.12

v0.6.11

v0.6.10

v0.6.9

v0.6.8

v0.6.7

v0.6.6

v0.6.5

v0.6.4

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.20

v0.5.19

v0.5.18

v0.5.17

v0.5.16

v0.5.15

v0.5.14

v0.5.13

v0.5.12

v0.5.11

v0.5.10

v0.5.9

v0.5.8

v0.5.7

v0.5.6

v0.5.5

v0.5.4

v0.5.3

v0.5.2

v0.5.1

v0.5.0

v0.4.8

v0.4.7

v0.4.6

v0.4.5

v0.4.4

v0.4.3

v0.4.2

v0.4.1

v0.4.0

v0.3.35

v0.3.34

v0.3.33

v0.3.32

v0.3.31

v0.3.30

v0.3.29

v0.3.28

v0.3.27

v0.3.26

v0.3.25

v0.3.24

v0.3.23

v0.3.22

v0.3.21

v0.3.20

v0.3.19

v0.3.18

v0.3.17

v0.3.16

v0.3.15

v0.3.14

v0.3.13

v0.3.12

v0.3.11

v0.3.10

v0.3.9

v0.3.8

v0.3.7

v0.3.6

v0.3.5

v0.3.4

v0.3.3

v0.3.2

v0.3.1

v0.3.0

v0.2.5

v0.2.4

v0.2.3

v0.2.2

v0.2.1

v0.2.0

v0.1.125

v0.1.124

v0.1.123

v0.1.122

v0.1.121

v0.1.120

v0.1.119

v0.1.118

v0.1.117

v0.1.116

v0.1.115

v0.1.114

v0.1.113

v0.1.112

v0.1.111

v0.1.110

v0.1.109

v0.1.108

v0.1.107

v0.1.106

v0.1.105

v0.1.104

v0.1.103

v0.1.102

Labels

Clear labels

bug

confirmed

confirmed issue

core

documentation

enhancement

good first issue

help wanted

non-core

pull-request

Mirrored from GitHub Pull Request

python

question

testing wanted

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/open-webui#4550