mirror of
https://github.com/labring/FastGPT.git
synced 2026-05-05 01:02:59 +08:00
chat file url white list (#6053)
* chat file url white list * perf: white list --------- Co-authored-by: archer <545436317@qq.com>
This commit is contained in:
heheer
@@ -14,6 +14,7 @@ import { addLog } from '../../../common/system/log';
|
||||
import { getImageBase64 } from '../../../common/file/image/utils';
|
||||
import { getS3ChatSource } from '../../../common/s3/sources/chat';
|
||||
import { isInternalAddress } from '../../../common/system/utils';
|
||||
import { getErrText } from '@fastgpt/global/common/error/utils';
|
||||
|
||||
export const filterGPTMessageByMaxContext = async ({
|
||||
messages = [],
|
||||
@@ -166,26 +167,32 @@ export const loadRequestMessages = async ({
|
||||
process.env.MULTIPLE_DATA_TO_BASE64 !== 'false' ||
|
||||
isInternalAddress(imgUrl)
|
||||
) {
|
||||
const url = await (async () => {
|
||||
if (item.key) {
|
||||
try {
|
||||
return await getS3ChatSource().createGetChatFileURL({
|
||||
key: item.key,
|
||||
external: false
|
||||
});
|
||||
} catch (error) {}
|
||||
}
|
||||
return imgUrl;
|
||||
})();
|
||||
const { completeBase64: base64 } = await getImageBase64(url);
|
||||
try {
|
||||
const url = await (async () => {
|
||||
if (item.key) {
|
||||
try {
|
||||
return await getS3ChatSource().createGetChatFileURL({
|
||||
key: item.key,
|
||||
external: false
|
||||
});
|
||||
} catch (error) {}
|
||||
}
|
||||
return imgUrl;
|
||||
})();
|
||||
const { completeBase64: base64 } = await getImageBase64(url);
|
||||
|
||||
return {
|
||||
...item,
|
||||
image_url: {
|
||||
...item.image_url,
|
||||
url: base64
|
||||
}
|
||||
};
|
||||
return {
|
||||
...item,
|
||||
image_url: {
|
||||
...item.image_url,
|
||||
url: base64
|
||||
}
|
||||
};
|
||||
} catch (error) {
|
||||
return Promise.reject(
|
||||
`Cannot load image ${imgUrl}, because ${getErrText(error)}`
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
// 检查下这个图片是否可以被访问,如果不行的话,则过滤掉
|
||||
|
||||
@@ -23,7 +23,7 @@ import type {
|
||||
SystemVariablesType
|
||||
} from '@fastgpt/global/core/workflow/runtime/type';
|
||||
import type { RuntimeNodeItemType } from '@fastgpt/global/core/workflow/runtime/type.d';
|
||||
import { getErrText } from '@fastgpt/global/common/error/utils';
|
||||
import { getErrText, UserError } from '@fastgpt/global/common/error/utils';
|
||||
import { ChatItemValueTypeEnum } from '@fastgpt/global/core/chat/constants';
|
||||
import { filterPublicNodeResponseData } from '@fastgpt/global/core/chat/utils';
|
||||
import {
|
||||
@@ -58,6 +58,7 @@ import type { MCPClient } from '../../app/mcp';
|
||||
import { TeamErrEnum } from '@fastgpt/global/common/error/code/team';
|
||||
import { i18nT } from '../../../../web/i18n/utils';
|
||||
import { clone } from 'lodash';
|
||||
import { validateFileUrlDomain } from '../../../common/security/fileUrlValidator';
|
||||
|
||||
type Props = Omit<
|
||||
ChatDispatchProps,
|
||||
@@ -88,7 +89,21 @@ export async function dispatchWorkFlow({
|
||||
}: Props & WorkflowUsageProps): Promise<DispatchFlowResponse> {
|
||||
const { res, stream, runningUserInfo, runningAppInfo, lastInteractive, histories, query } = data;
|
||||
|
||||
// Check url valid
|
||||
const invalidInput = query.some((item) => {
|
||||
if (item.type === ChatItemValueTypeEnum.file && item.file?.url) {
|
||||
if (!validateFileUrlDomain(item.file.url)) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
});
|
||||
if (invalidInput) {
|
||||
addLog.info('[Workflow run] Invalid file url');
|
||||
return Promise.reject(new UserError('Invalid file url'));
|
||||
}
|
||||
// Check point
|
||||
await checkTeamAIPoints(runningUserInfo.teamId);
|
||||
|
||||
const [{ timezone, externalProvider }, newUsageId] = await Promise.all([
|
||||
getUserChatInfo(runningUserInfo.tmbId),
|
||||
(() => {
|
||||
|
||||
Reference in New Issue
Block a user