[GH-ISSUE #16161] issue: User can load websites even with settings disabled #56474

New Issue

Closed

opened 2026-05-05 19:30:00 -05:00 by GiteaMirror · 5 comments

GiteaMirror commented 2026-05-05 19:30:00 -05:00

Owner

Copy Link

Originally created by @frenzybiscuit on GitHub (Jul 30, 2025).
Original GitHub issue: https://github.com/open-webui/open-webui/issues/16161

Check Existing Issues

• I have searched the existing issues and discussions.
• I am using the latest version of Open WebUI.

Installation Method

Docker

Open WebUI Version

v0.6.18

Ollama Version (if applicable)

Not using ollama

Operating System

Debian 12

Browser (if applicable)

Firefox

Confirmation

• I have read and followed all instructions in README.md.
• I am using the latest version of both Open WebUI and Ollama.
• I have included the browser console logs.
• I have included the Docker container logs.
• I have provided every relevant configuration, setting, and environment variable used in my setup.
• I have clearly listed every relevant configuration, custom setting, environment variable, and command-line option that influences my setup (such as Docker Compose overrides, .env values, browser settings, authentication configurations, etc).
• I have documented step-by-step reproduction instructions that are precise, sequential, and leave nothing to interpretation. My steps:
• Start with the initial platform/version/OS and dependencies used,
• Specify exact install/launch/configure commands,
• List URLs visited, user input (incl. example values/emails/passwords if needed),
• Describe all options and toggles enabled or changed,
• Include any files or environmental changes,
• Identify the expected and actual result at each stage,
• Ensure any reasonably skilled user can follow and hit the same issue.

Expected Behavior

Websites should not load

Actual Behavior

Websites load.

Steps to Reproduce

.

Logs & Screenshots

MISC INFO:

OpenWebUI is setup in docker with open-webui:main

Using a postgresql+pgvector database.

ENABLE_RAG_WEB_SEARCH=false
ENABLE_WEB_SEARCH=false

Using #https://ipchicken.com in chat with the query "What is my IP address" reveals the backend IP.

model:

documents:

web search:

permissions:

permissions:

Additional Information

No response

Originally created by @frenzybiscuit on GitHub (Jul 30, 2025). Original GitHub issue: https://github.com/open-webui/open-webui/issues/16161 ### Check Existing Issues - [x] I have searched the existing issues and discussions. - [x] I am using the latest version of Open WebUI. ### Installation Method Docker ### Open WebUI Version v0.6.18 ### Ollama Version (if applicable) Not using ollama ### Operating System Debian 12 ### Browser (if applicable) Firefox ### Confirmation - [x] I have read and followed all instructions in `README.md`. - [x] I am using the latest version of **both** Open WebUI and Ollama. - [x] I have included the browser console logs. - [x] I have included the Docker container logs. - [x] I have **provided every relevant configuration, setting, and environment variable used in my setup.** - [x] I have clearly **listed every relevant configuration, custom setting, environment variable, and command-line option that influences my setup** (such as Docker Compose overrides, .env values, browser settings, authentication configurations, etc). - [x] I have documented **step-by-step reproduction instructions that are precise, sequential, and leave nothing to interpretation**. My steps: - Start with the initial platform/version/OS and dependencies used, - Specify exact install/launch/configure commands, - List URLs visited, user input (incl. example values/emails/passwords if needed), - Describe all options and toggles enabled or changed, - Include any files or environmental changes, - Identify the expected and actual result at each stage, - Ensure any reasonably skilled user can follow and hit the same issue. ### Expected Behavior Websites should not load ### Actual Behavior Websites load. ### Steps to Reproduce . ### Logs & Screenshots MISC INFO: OpenWebUI is setup in docker with open-webui:main Using a postgresql+pgvector database. ENABLE_RAG_WEB_SEARCH=false ENABLE_WEB_SEARCH=false Using #https://ipchicken.com in chat with the query "What is my IP address" reveals the backend IP. model: <img width="880" height="131" alt="Image" src="https://github.com/user-attachments/assets/c3b4307f-da7b-4684-a60b-3283a036904f" /> documents: <img width="1610" height="849" alt="Image" src="https://github.com/user-attachments/assets/0c445989-32b5-465c-b5d9-7824d227233d" /> web search: <img width="1610" height="849" alt="Image" src="https://github.com/user-attachments/assets/42816f11-545f-4edd-9d03-19955029bff9" /> permissions: <img width="1610" height="849" alt="Image" src="https://github.com/user-attachments/assets/1a9d8fac-7781-4f18-882b-7a38a4726cf1" /> permissions: <img width="1610" height="849" alt="Image" src="https://github.com/user-attachments/assets/54f0e317-5b33-4fea-971b-396b231144bc" /> ### Additional Information _No response_

GiteaMirror added the bug label 2026-05-05 19:30:00 -05:00

GiteaMirror closed this issue 2026-05-05 19:30:02 -05:00

GiteaMirror commented 2026-05-05 19:30:04 -05:00

Author

Owner

Copy Link

@flefevre commented on GitHub (Jul 30, 2025):

What is the difference between
ENABLE_RAG_WEB_SEARCH=false
ENABLE_WEB_SEARCH=false

Is it correlated with Feature Request: Add "Safe Web Search" Mode (No Vector KB, No Memory, Manual Query Approval) #15926

Thanks in advance for the explanation

<!-- gh-comment-id:3137940181 --> @flefevre commented on GitHub (Jul 30, 2025): What is the difference between ENABLE_RAG_WEB_SEARCH=false ENABLE_WEB_SEARCH=false Is it correlated with Feature Request: Add "Safe Web Search" Mode (No Vector KB, No Memory, Manual Query Approval) #15926 Thanks in advance for the explanation

GiteaMirror commented 2026-05-05 19:30:06 -05:00

Author

Owner

Copy Link

@frenzybiscuit commented on GitHub (Jul 30, 2025):

There is a workaround for this.

Enable playright as the website loader. DO NOT FILL OUT THE FORMS. save.

Now it errors out for users when they try to load websites.

<!-- gh-comment-id:3138084091 --> @frenzybiscuit commented on GitHub (Jul 30, 2025): There is a workaround for this. Enable playright as the website loader. DO NOT FILL OUT THE FORMS. save. Now it errors out for users when they try to load websites.

GiteaMirror commented 2026-05-05 19:30:09 -05:00

Author

Owner

Copy Link

@tjbck commented on GitHub (Jul 31, 2025):

# is not a "web search", and is considered as file attachment.

<!-- gh-comment-id:3139028716 --> @tjbck commented on GitHub (Jul 31, 2025): `#` is not a "web search", and is considered as file attachment.

GiteaMirror commented 2026-05-05 19:30:12 -05:00

Author

Owner

Copy Link

@frenzybiscuit commented on GitHub (Jul 31, 2025):

# is not a "web search", and is considered as file attachment.

Users are able to load websites from the backend server using # with the URL, including websites that can be used to locate the IP address of the backend OWUI server.

Is this expected behavior?

<!-- gh-comment-id:3139481344 --> @frenzybiscuit commented on GitHub (Jul 31, 2025): > `#` is not a "web search", and is considered as file attachment. Users are able to load websites from the backend server using # with the URL, including websites that can be used to locate the IP address of the backend OWUI server. Is this expected behavior?

GiteaMirror commented 2026-05-05 19:30:14 -05:00

Author

Owner

Copy Link

@Classic298 commented on GitHub (Jul 31, 2025):

Yes

<!-- gh-comment-id:3141073066 --> @Classic298 commented on GitHub (Jul 31, 2025): Yes

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

dev

v0.9.2

v0.9.1

v0.9.0

v0.8.12

v0.8.11

v0.8.10

v0.8.9

v0.8.8

v0.8.7

v0.8.6

v0.8.5

v0.8.4

v0.8.3

v0.8.2

v0.8.1

v0.8.0

v0.7.2

v0.7.1

v0.7.0

v0.6.43

v0.6.42

v0.6.41

v0.6.40

v0.6.39

v0.6.38

v0.6.37

v0.6.36

v0.6.35

v0.6.34

v0.6.33

v0.6.32

v0.6.31

v0.6.30

v0.6.29

v0.6.28

v0.6.27

v0.6.26

v0.6.25

v0.6.24

v0.6.23

v0.6.22

v0.6.21

v0.6.20

v0.6.19

v0.6.18

v0.6.17

v0.6.16

v0.6.15

v0.6.14

v0.6.13

v0.6.12

v0.6.11

v0.6.10

v0.6.9

v0.6.8

v0.6.7

v0.6.6

v0.6.5

v0.6.4

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.20

v0.5.19

v0.5.18

v0.5.17

v0.5.16

v0.5.15

v0.5.14

v0.5.13

v0.5.12

v0.5.11

v0.5.10

v0.5.9

v0.5.8

v0.5.7

v0.5.6

v0.5.5

v0.5.4

v0.5.3

v0.5.2

v0.5.1

v0.5.0

v0.4.8

v0.4.7

v0.4.6

v0.4.5

v0.4.4

v0.4.3

v0.4.2

v0.4.1

v0.4.0

v0.3.35

v0.3.34

v0.3.33

v0.3.32

v0.3.31

v0.3.30

v0.3.29

v0.3.28

v0.3.27

v0.3.26

v0.3.25

v0.3.24

v0.3.23

v0.3.22

v0.3.21

v0.3.20

v0.3.19

v0.3.18

v0.3.17

v0.3.16

v0.3.15

v0.3.14

v0.3.13

v0.3.12

v0.3.11

v0.3.10

v0.3.9

v0.3.8

v0.3.7

v0.3.6

v0.3.5

v0.3.4

v0.3.3

v0.3.2

v0.3.1

v0.3.0

v0.2.5

v0.2.4

v0.2.3

v0.2.2

v0.2.1

v0.2.0

v0.1.125

v0.1.124

v0.1.123

v0.1.122

v0.1.121

v0.1.120

v0.1.119

v0.1.118

v0.1.117

v0.1.116

v0.1.115

v0.1.114

v0.1.113

v0.1.112

v0.1.111

v0.1.110

v0.1.109

v0.1.108

v0.1.107

v0.1.106

v0.1.105

v0.1.104

v0.1.103

v0.1.102

Labels

Clear labels

bug

confirmed

confirmed issue

core

documentation

enhancement

good first issue

help wanted

non-core

pull-request

Mirrored from GitHub Pull Request

python

question

testing wanted

No Label bug

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/open-webui#56474