Chainlit / chainlit

Build Conversational AI in minutes ⚡️
https://docs.chainlit.io
Apache License 2.0

Config spontaneous_file_upload.accept is not checked in the backend #1458

Open qvalentin opened 2 days ago

qvalentin commented 2 days ago

Describe the bug

Currently the config option spontaneous_file_upload is listed under config options for the backend. But this config is not used in the server to check files uploaded. The server should also validate files (e.g. their mimetype) and not rely on the frontend to do it.

This is also relevant to the security issue described here: https://github.com/Chainlit/chainlit/issues/1101#issuecomment-2416021371

To Reproduce

Steps to reproduce the behavior:

  1. Set spontaneous_file_upload.accept to ["image/png"]
  2. Upload a video with the /project/file endpoint
  3. The file is uploaded correctly

Expected behavior

The server should not accept a file with a mimetype other than the configured values.

Screenshots

If applicable, add screenshots to help explain your problem.

Desktop (please complete the following information):

n/a

Smartphone (please complete the following information):

n/a

Additional context

Mimetype validation is one aspect of the missing implementation of the config in the backend; the other options should also have effects in the backend.

dosubot[bot] commented 2 days ago

@qvalentin Hello there! I'm here to help you with any bugs, questions, or contributions you have. Let's squash those bugs together!

To address the issue where the spontaneous_file_upload.accept configuration is not being validated on the server side, you need to ensure that the backend is configured to enforce MIME type validation. This can be done by specifying the accepted MIME types in your configuration file and ensuring that the backend code checks these types during file uploads.

Here's an example of how you can configure the backend to validate the spontaneous_file_upload.accept option:

[features.spontaneous_file_upload]
    enabled = true
    accept = ["image/png"]

Additionally, make sure that the backend code is updated to enforce this validation. This involves modifying the server-side logic to check the MIME type of uploaded files against the configured accept list and reject any files that do not match the specified types. This will help mitigate security risks by preventing unauthorized file types from being uploaded [1][2].

To continue talking to Dosu, mention @dosu.

dokterbob commented 2 days ago

@qvalentin Really appreciate your support in dealing with significant technical depth on the security of chainlit (while we're doing our best to prevent this sort of issue in the future).

The relevant config is here: https://github.com/Chainlit/chainlit/blob/6f9d0331df78e8069b0d21d2c27bc2e698556be5/backend/chainlit/config.py#L223

It seems to me that none of these settings are taken into account on the backend. It will take us a couple of days to address that, let us know if you're able and willing to work on a PR ahead of that!
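
Added example, not part of the thread and not Chainlit's code: a server-side check of the kind this issue asks for, validating one upload against the list form of `accept` used in the reproduction steps. The function names, the signature table and the wildcard handling are assumptions; the client-sent Content-Type is treated as untrusted and compared with the file's leading bytes.

```python
from fnmatch import fnmatchcase

# Leading-byte signatures for a few common types (constructed subset, not exhaustive).
SIGNATURES = {
    "image/png": (0, b"\x89PNG\r\n\x1a\n"),
    "image/jpeg": (0, b"\xff\xd8\xff"),
    "image/gif": (0, b"GIF8"),
    "application/pdf": (0, b"%PDF-"),
    "video/mp4": (4, b"ftyp"),
}

def sniff(data: bytes):
    """Return the MIME type implied by the file's leading bytes, or None."""
    for mime, (offset, magic) in SIGNATURES.items():
        if data[offset:offset + len(magic)] == magic:
            return mime
    return None

def allowed(mime: str, accept) -> bool:
    """Match a MIME type against accept entries such as "image/png" or "image/*"."""
    return any(fnmatchcase(mime.lower(), pattern.lower()) for pattern in accept)

def validate_upload(declared: str, data: bytes, accept):
    """Return (ok, reason); `declared` is the Content-Type sent by the client."""
    declared = declared.split(";", 1)[0].strip().lower()  # drop parameters
    if not allowed(declared, accept):
        return False, f"declared type {declared!r} not in accept list"
    actual = sniff(data)
    # A recognised signature outside the accept list overrides the declared type.
    if actual is not None and not allowed(actual, accept):
        return False, f"content looks like {actual!r}, not in accept list"
    # Where a signature is known for the declared type, the bytes must agree.
    if declared in SIGNATURES and actual != declared:
        return False, f"content does not match declared type {declared!r}"
    return True, "ok"

# Constructed sample inputs: a PNG header and an MP4 header, zero-padded.
PNG = b"\x89PNG\r\n\x1a\n" + bytes(16)
MP4 = b"\x00\x00\x00\x18ftypisom" + bytes(16)

if __name__ == "__main__":
    accept = ["image/png"]  # value from the reproduction steps in the issue
    for declared, body in [("image/png", PNG), ("video/mp4", MP4), ("image/png", MP4)]:
        print(declared, validate_upload(declared, body, accept))
```

The third case is the one a frontend-only check cannot catch: a video relabelled as `image/png` passes the declared-type test and is rejected only by the content check.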