Saifeddine ALOUI 2024-04-04 18:20:24 +02:00
parent c04929e459
commit 1e17df01e0
8 changed files with 21 additions and 16 deletions

@ -1 +1 @@
Subproject commit 5f406b9bbdc1b7c4ed7145090044514e3a684544
Subproject commit f4424cfc3d6dfb3ad5ac17dd46801efe784933e9


@ -4,6 +4,8 @@ from pathlib import Path
import re
import pytest
def sanitize_path_from_endpoint(path: str, error_text="A suspected LFI attack detected. The path sent to the server has suspicious elements in it!", exception_text="Invalid path!"):
if path.strip().startswith("/"):
raise HTTPException(status_code=400, detail=exception_text)
# Fix the case of "/" at the beginning on the path
if path is None:
return path
@ -25,7 +27,9 @@ def test_sanitize_path_from_endpoint():
assert sanitize_path_from_endpoint(valid_path) == "example/path"
# Test a path with suspicious elements
suspicious_path = "/images//D:/POC/secret.txt"
suspicious_path = "/D:/POC/secret.txt"
#suspicious_path = "/images//D:/POC/secret.txt"
with pytest.raises(HTTPException):
sanitize_path_from_endpoint(suspicious_path)
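Review bot: In `sanitize_path_from_endpoint`, `path.strip()` is evaluated before the `if path is None: return path` guard, so a `None` argument raises `AttributeError` instead of being returned and the guard can no longer be reached with `None`. Either move the leading-slash check below the guard or write it as `if path is not None and path.strip().startswith("/"):`. In the test hunk, both the new `suspicious_path` and the commented-out one begin with `/`, so each is rejected by this first check and neither exercises the validation further down the function, which lies outside the hunk. Keep the original case as a second `pytest.raises` assertion rather than a comment, and add a `None` input case so the guard order stays covered.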

File diff suppressed because one or more lines are too long

8
web/dist/assets/index-d4c7f2b1.css vendored Normal file

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

4
web/dist/index.html vendored

@ -6,8 +6,8 @@
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>LoLLMS WebUI - Welcome</title>
<script type="module" crossorigin src="/assets/index-98910268.js"></script>
<link rel="stylesheet" href="/assets/index-dbb96f42.css">
<script type="module" crossorigin src="/assets/index-91ab3091.js"></script>
<link rel="stylesheet" href="/assets/index-d4c7f2b1.css">
</head>
<body>
<div id="app"></div>


@ -1342,6 +1342,7 @@ export default {
messageItem && (msgObj.message_type==this.msgTypes.MSG_TYPE_FULL ||
msgObj.message_type==this.msgTypes.MSG_TYPE_FULL_INVISIBLE_TO_AI)
) {
this.isGenerating = true;
messageItem.content = msgObj.content
messageItem.finished_generating_at = msgObj.finished_generating_at
}

@ -1 +1 @@
Subproject commit 5658cf08f986fe8db12ca1732cf03d36f7d1630f
Subproject commit 18f466025551401455c2a38baf874aa2172b0055