github-starred/open-webui
2
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2026-05-07 03:18:23 -05:00
Code Issues 1.3k Packages Projects Releases 126 Wiki Activity

[PR #23541] [CLOSED] fix: null-check file owner, timing-safe SCIM token, GCS nested paths #66102

New Issue
Closed
opened 2026-05-06 12:14:41 -05:00 by GiteaMirror · 0 comments
GiteaMirror commented 2026-05-06 12:14:41 -05:00
Owner
Copy Link

📋 Pull Request Information

Original PR: https://github.com/open-webui/open-webui/pull/23541
Author: @barry3406
Created: 4/9/2026
Status: Closed

Base: mainHead: fix/multiple-backend-bugs

📝 Commits (3)

  • bf23d00 fix: add null check for file owner in get_html_file_content_by_id
  • e7d76c1 fix: use timing-safe comparison for SCIM bearer token
  • 02ff05b fix: correct GCS filename extraction for nested paths

📊 Changes

3 files changed (+5 additions, -4 deletions)

View changed files

📝 backend/open_webui/routers/files.py (+1 -1)
📝 backend/open_webui/routers/scim.py (+2 -1)
📝 backend/open_webui/storage/provider.py (+2 -2)

📄 Description

Summary

Three independent backend bug fixes:

1. Server crash when file owner is deleted (files.py)

Users.get_user_by_id() returns None when the file owner has been deleted, but .role is accessed without a null check. Any authenticated user requesting that file gets a 500 Internal Server Error.

Fix: Add not file_user or guard before accessing .role.

2. SCIM token vulnerable to timing attack (scim.py)

The SCIM bearer token is compared with !=, which short-circuits on the first differing character. This allows brute-forcing the token by measuring response time. The codebase already uses hmac.compare_digest in utils/auth.py for similar purposes.

Fix: Replace token != scim_token with not hmac.compare_digest(token, scim_token).

3. GCS provider breaks on nested paths (provider.py)

get_file and delete_file in the GCS provider use split('/')[1] to extract the filename, which returns the wrong segment for paths with subdirectories (e.g. gs://bucket/subdir/file.txt returns subdir instead of file.txt). The S3 provider correctly uses split('/')[-1].

Fix: Change [1] to [-1] in both methods.

Test Plan

  • Access a file whose owner has been deleted (should return 403/404, not 500)
  • SCIM token authentication still works correctly
  • GCS file operations work with nested bucket paths

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/open-webui/open-webui/pull/23541 **Author:** [@barry3406](https://github.com/barry3406) **Created:** 4/9/2026 **Status:** ❌ Closed **Base:** `main` ← **Head:** `fix/multiple-backend-bugs` --- ### 📝 Commits (3) - [`bf23d00`](https://github.com/open-webui/open-webui/commit/bf23d0078dcb9aaea587c088247ae0b02c00a5b0) fix: add null check for file owner in get_html_file_content_by_id - [`e7d76c1`](https://github.com/open-webui/open-webui/commit/e7d76c1938a47a82bba3877817b08e8bf08fea97) fix: use timing-safe comparison for SCIM bearer token - [`02ff05b`](https://github.com/open-webui/open-webui/commit/02ff05b8c96cfb3191d46716c4ea155b00d77ae5) fix: correct GCS filename extraction for nested paths ### 📊 Changes **3 files changed** (+5 additions, -4 deletions) <details> <summary>View changed files</summary> 📝 `backend/open_webui/routers/files.py` (+1 -1) 📝 `backend/open_webui/routers/scim.py` (+2 -1) 📝 `backend/open_webui/storage/provider.py` (+2 -2) </details> ### 📄 Description ## Summary Three independent backend bug fixes: ### 1. Server crash when file owner is deleted (`files.py`) `Users.get_user_by_id()` returns `None` when the file owner has been deleted, but `.role` is accessed without a null check. Any authenticated user requesting that file gets a 500 Internal Server Error. **Fix**: Add `not file_user or` guard before accessing `.role`. ### 2. SCIM token vulnerable to timing attack (`scim.py`) The SCIM bearer token is compared with `!=`, which short-circuits on the first differing character. This allows brute-forcing the token by measuring response time. The codebase already uses `hmac.compare_digest` in `utils/auth.py` for similar purposes. **Fix**: Replace `token != scim_token` with `not hmac.compare_digest(token, scim_token)`. ### 3. GCS provider breaks on nested paths (`provider.py`) `get_file` and `delete_file` in the GCS provider use `split('/')[1]` to extract the filename, which returns the wrong segment for paths with subdirectories (e.g. `gs://bucket/subdir/file.txt` returns `subdir` instead of `file.txt`). The S3 provider correctly uses `split('/')[-1]`. **Fix**: Change `[1]` to `[-1]` in both methods. ## Test Plan - [ ] Access a file whose owner has been deleted (should return 403/404, not 500) - [ ] SCIM token authentication still works correctly - [ ] GCS file operations work with nested bucket paths --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
GiteaMirror added the pull-request label 2026-05-06 12:14:41 -05:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
confirmed
confirmed issue
core
documentation
enhancement
good first issue
help wanted
non-core
pull-request
Mirrored from GitHub Pull Request
 python
question
testing wanted
No Label pull-request
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/open-webui#66102
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?