Update app.py #337
Merged
Update app.py #337
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| file_name = model_url.split("/")[-1] | ||
| file_path = os.path.join(model_path, file_name) | ||
| response = requests.get(model_url, allow_redirects=True) | ||
| response = requests.get(model_url, allow_redirects=True, stream=True) |
Check failure
Code scanning / CodeQL
Full server-side request forgery Critical
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 10 days ago
To fix the SSRF vulnerability, we need to validate the model_url input to ensure it only allows URLs from trusted sources. One way to achieve this is by maintaining a whitelist of allowed domains and ensuring the user-provided URL matches one of these domains. This approach will prevent users from directing requests to arbitrary, potentially malicious servers.
-
General Fix Approach:
- Validate the
model_urlagainst a whitelist of trusted domains. - Reject or sanitize any URLs that do not match the trusted domains.
- Validate the
-
Detailed Fix:
- Define a list of trusted domains.
- Implement a validation function to check if the
model_urlbelongs to one of the trusted domains. - Use this validation function before making the HTTP request.
-
Specific Changes:
- Add a list of trusted domains.
- Add a validation function.
- Modify the
download_modelfunction to use this validation function.
Suggested changeset
1
LaunchFile/app.py
| @@ -6,2 +6,3 @@ | ||
| import importlib | ||
| from urllib.parse import urlparse | ||
| os.chdir(os.path.dirname(os.path.dirname(os.path.abspath(__file__)))) | ||
| @@ -10374,3 +10375,10 @@ | ||
| } | ||
| TRUSTED_DOMAINS = ["huggingface.co", "example.com"] | ||
|
|
||
| def is_valid_url(url, trusted_domains): | ||
| try: | ||
| parsed_url = urlparse(url) | ||
| return any(parsed_url.netloc.endswith(domain) for domain in trusted_domains) | ||
| except Exception: | ||
| return False | ||
|
|
||
| @@ -10399,2 +10407,5 @@ | ||
| progress(0.3, desc="Downloading file") | ||
| if not is_valid_url(model_url, TRUSTED_DOMAINS): | ||
| gr.Error("Invalid or untrusted model URL") | ||
| return None | ||
| if "blob/main" in model_url: |
Copilot is powered by AI and may make mistakes. Always verify output.
Unable to commit as this autofix suggestion is now outdated
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What type of PR is this?