Merge pull request #1424 from open-webui/dev

fix

Merge pull request #1424 from open-webui/dev
fix
f87805b4 · Timothy Jaeryang Baek · GitHub · 46774aa5 · 7a7d1931 · f87805b4
Unverified Commit f87805b4 authored Apr 04, 2024 by Timothy Jaeryang Baek Committed by GitHub Apr 04, 2024
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 18 deletions

backend/apps/rag/main.py backend/apps/rag/main.py +3 -17

kubernetes/helm/templates/_helpers.tpl kubernetes/helm/templates/_helpers.tpl +1 -1

No files found.
--- a/backend/apps/rag/main.py
+++ b/backend/apps/rag/main.py
@@ -448,25 +448,11 @@ def store_doc(
    log.info(f"file.content_type: {file.content_type}")
    try:
-        is_valid_filename = True
        unsanitized_filename = file.filename
-        if re.search(r'[\\/:"\*\?<>|\n\t ]', unsanitized_filename) is not None:
+        filename = os.path.basename(unsanitized_filename)
-            is_valid_filename = False
-        unvalidated_file_path = f"{UPLOAD_DIR}/{unsanitized_filename}"
+        file_path = f"{UPLOAD_DIR}/{filename}"
-        dereferenced_file_path = str(Path(unvalidated_file_path).resolve(strict=False))
-        if not dereferenced_file_path.startswith(UPLOAD_DIR):
-            is_valid_filename = False
-        if is_valid_filename:
-            file_path = dereferenced_file_path
-        else:
-            raise HTTPException(
-                status_code=status.HTTP_400_BAD_REQUEST,
-                detail=ERROR_MESSAGES.DEFAULT(),
-            )
-        filename = file.filename
        contents = file.file.read()
        with open(file_path, "wb") as f:
            f.write(contents)
@@ -477,7 +463,7 @@ def store_doc(
            collection_name = calculate_sha256(f)[:63]
        f.close()
-        loader, known_type = get_loader(file.filename, file.content_type, file_path)
+        loader, known_type = get_loader(filename, file.content_type, file_path)
        data = loader.load()
        try:

--- a/kubernetes/helm/templates/_helpers.tpl
+++ b/kubernetes/helm/templates/_helpers.tpl
@@ -7,7 +7,7 @@ ollama
 {{- end -}}
 {{- define "ollama.url" -}}
-{{- printf "http://%s.%s.svc.cluster.local:%d/api" (include "ollama.name" .) (.Release.Namespace) (.Values.ollama.service.port | int) }}
+{{- printf "http://%s.%s.svc.cluster.local:%d/" (include "ollama.name" .) (.Release.Namespace) (.Values.ollama.service.port | int) }}
 {{- end }}
 {{- define "chart.name" -}}