issue: Temporary Chat File Persistence Violates Confidentiality and Defeats Mode Purpose #5583

Closed
opened 2025-11-11 16:25:13 -06:00 by GiteaMirror · 1 comment
Owner

Originally created by @Ashitaka06 on GitHub (Jun 18, 2025).

Check Existing Issues

  • I have searched the existing issues and discussions.
  • I am using the latest version of Open WebUI.

Installation Method

Docker

Open WebUI Version

0.6.15

Ollama Version (if applicable)

No response

Operating System

Ubuntu 22.04

Browser (if applicable)

No response

Confirmation

  • I have read and followed all instructions in README.md.
  • I am using the latest version of both Open WebUI and Ollama.
  • I have included the browser console logs.
  • I have included the Docker container logs.
  • I have provided every relevant configuration, setting, and environment variable used in my setup.
  • I have clearly listed every relevant configuration, custom setting, environment variable, and command-line option that influences my setup (such as Docker Compose overrides, .env values, browser settings, authentication configurations, etc).
  • I have documented step-by-step reproduction instructions that are precise, sequential, and leave nothing to interpretation. My steps:
  • Start with the initial platform/version/OS and dependencies used,
  • Specify exact install/launch/configure commands,
  • List URLs visited, user input (incl. example values/emails/passwords if needed),
  • Describe all options and toggles enabled or changed,
  • Include any files or environmental changes,
  • Identify the expected and actual result at each stage,
  • Ensure any reasonably skilled user can follow and hit the same issue.

Expected Behavior

  • All files uploaded during a temporary chat session are immediately deleted from the backend as soon as the user exits temporary mode.
  • No file metadata, cache, or artifacts from a temporary chat remain accessible or persisted.

Actual Behavior

  • Files uploaded in a temporary chat persist in the backend storage even after exiting temporary mode.
  • Any user with db access can still read those files long after the session has ended, despite the “temporary” label.

Steps to Reproduce

  • Enable Temporary Chat mode.
  • Upload any file (e.g., sensitive-document.pdf).
  • Exit temporary chat.
  • Inspect the file table of the backend storage (SQLite, PostreSQL, etc) — you will find sensitive-document.pdf still present.

Logs & Screenshots

No application errors are thrown; behavior is silent and non‑obvious.

Image

Image

Additional Information

  • A prior discussion on this topic received little visibility despite its critical importance: https://github.com/open-webui/open-webui/discussions/12369
  • Persisting files in “temporary” mode breaks compliance for GDPR, HIPAA, and other data‑protection regimes.
  • If true ephemeral behavior cannot be guaranteed, the “Temporary Chat” feature should be deprecated or renamed to avoid misleading users.
Originally created by @Ashitaka06 on GitHub (Jun 18, 2025). ### Check Existing Issues - [x] I have searched the existing issues and discussions. - [x] I am using the latest version of Open WebUI. ### Installation Method Docker ### Open WebUI Version 0.6.15 ### Ollama Version (if applicable) _No response_ ### Operating System Ubuntu 22.04 ### Browser (if applicable) _No response_ ### Confirmation - [x] I have read and followed all instructions in `README.md`. - [x] I am using the latest version of **both** Open WebUI and Ollama. - [x] I have included the browser console logs. - [x] I have included the Docker container logs. - [x] I have **provided every relevant configuration, setting, and environment variable used in my setup.** - [x] I have clearly **listed every relevant configuration, custom setting, environment variable, and command-line option that influences my setup** (such as Docker Compose overrides, .env values, browser settings, authentication configurations, etc). - [x] I have documented **step-by-step reproduction instructions that are precise, sequential, and leave nothing to interpretation**. My steps: - Start with the initial platform/version/OS and dependencies used, - Specify exact install/launch/configure commands, - List URLs visited, user input (incl. example values/emails/passwords if needed), - Describe all options and toggles enabled or changed, - Include any files or environmental changes, - Identify the expected and actual result at each stage, - Ensure any reasonably skilled user can follow and hit the same issue. ### Expected Behavior - All files uploaded during a temporary chat session are immediately deleted from the backend as soon as the user exits temporary mode. - No file metadata, cache, or artifacts from a temporary chat remain accessible or persisted. ### Actual Behavior - Files uploaded in a temporary chat persist in the backend storage even after exiting temporary mode. - Any user with db access can still read those files long after the session has ended, despite the “temporary” label. ### Steps to Reproduce - Enable Temporary Chat mode. - Upload any file (e.g., sensitive-document.pdf). - Exit temporary chat. - Inspect the file table of the backend storage (SQLite, PostreSQL, etc) — you will find sensitive-document.pdf still present. ### Logs & Screenshots No application errors are thrown; behavior is silent and non‑obvious. ![Image](https://github.com/user-attachments/assets/d8d886d4-1fa4-4d48-8deb-ab5dc792e18c) ![Image](https://github.com/user-attachments/assets/60215258-4d16-41ed-93de-baa29af93c2a) ### Additional Information - A prior discussion on this topic received little visibility despite its critical importance: https://github.com/open-webui/open-webui/discussions/12369 - Persisting files in “temporary” mode breaks compliance for GDPR, HIPAA, and other data‑protection regimes. - If true ephemeral behavior cannot be guaranteed, the “Temporary Chat” feature should be deprecated or renamed to avoid misleading users.
GiteaMirror added the bug label 2025-11-11 16:25:13 -06:00
Author
Owner

@tjbck commented on GitHub (Jun 18, 2025):

Image

Temp chat here means the messages won't be saved, if you were to upload a file it'll have to be processed from the backend. Perhaps it'll be a good idea to display a confirmation dialog if you were to upload a file in a temp chat. Will take a look.

@tjbck commented on GitHub (Jun 18, 2025): ![Image](https://github.com/user-attachments/assets/7910eab3-45cc-4598-8b12-2d9f5f7636b3) Temp chat here means the messages won't be saved, if you were to upload a file it'll have to be processed from the backend. Perhaps it'll be a good idea to display a confirmation dialog if you were to upload a file in a temp chat. Will take a look.
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/open-webui#5583