Andreas/LibreChat
1
0
Fork 0
mirror of https://github.com/danny-avila/LibreChat.git synced 2026-04-07 00:15:23 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

support data url for images

Browse source
This commit is contained in:
Peter Rothlaender 2026-02-24 08:45:41 +01:00
parent 09236c96bc
commit 301be20806
2 changed files with 12 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

2
packages/data-provider/src/config.ts
View file

@ -619,7 +619,7 @@ export const interfaceSchema = z
.string()
.url()
.refine(isSafeImageUrl, {
message: 'loginImageUrl must be a valid HTTP or HTTPS URL',
message: 'loginImageUrl must be a valid HTTP, HTTPS, or data:image URL',
})
.optional(),
loginText: z.string().optional(),

13
packages/data-provider/src/utils.ts
View file

@ -62,14 +62,23 @@ export function normalizeEndpointName(name = ''): string {
}
/**
* Validates that a URL uses only safe protocols (http or https)
* Validates that a URL uses only safe protocols (http, https, or data:image/*)
* @param url - The URL string to validate
* @returns true if the URL is safe, false otherwise
*/
export const isSafeImageUrl = (url: string): boolean => {
try {
const parsedUrl = new URL(url);
return parsedUrl.protocol === 'http:' || parsedUrl.protocol === 'https:';
if (parsedUrl.protocol === 'http:' || parsedUrl.protocol === 'https:') {
return true;
}
if (parsedUrl.protocol !== 'data:') {
return false;
}
// Restrict data URLs to image payloads only.
return /^data:image\/[a-z0-9.+-]+(?:;[a-z0-9=._+-]+)*(?:;base64)?,/i.test(url);
} catch {
return false;
}