ExternalVendorCode/lollms
1
0
Fork 0
mirror of https://github.com/ParisNeo/lollms.git synced 2024-12-19 20:57:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update security.py

Browse Source
This commit is contained in:
Saifeddine ALOUI 2024-09-12 09:08:44 +02:00 committed by GitHub
parent 39ca983490
commit 627f72832d
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
lollms/security.py
View File

@ -9,6 +9,7 @@ import re
import platform
import string
from lollms.utilities import PackageManager
from starlette.middleware.base import BaseHTTPMiddleware
if not PackageManager.check_package_installed("lxml"):
PackageManager.install_package("lxml")
@ -334,3 +335,11 @@ if __name__=="__main__":
print(f"Original: {path}, Sanitized: {sanitized}")
except HTTPException as e:
print(f"Original: {path}, Exception: {e.detail}")
class MultipartBoundaryCheck(BaseHTTPMiddleware):
async def dispatch(self, request, call_next):
if request.headers.get("content-type", "").startswith("multipart/form-data"):
boundary = request.headers.get("content-type").split("boundary=")[-1]
if len(boundary) > 70: # Adjust this limit as needed
return JSONResponse(status_code=400, content={"detail": "Invalid boundary length"})
return await call_next(request)