Andreas/LibreChat
1
0
Fork 0
mirror of https://github.com/danny-avila/LibreChat.git synced 2025-12-16 16:30:15 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 6
LibreChat/api/server/middleware
History
Danny Avila 6fa94d3eb8
Some checks are pending
Docker Dev Branch Images Build / build (Dockerfile, lc-dev, node) (push) Waiting to run
Details
Docker Dev Branch Images Build / build (Dockerfile.multi, lc-dev-api, api-build) (push) Waiting to run
Details
🔐 fix: Secure iconURL Handling (#10753) 
* 🔒 fix: `iconURL` in conversation parsing

- Updated the `buildEndpointOption` middleware to derive `iconURL` from model specs when not provided by the client, improving security by preventing malicious URLs.
- Modified the `parseCompactConvo` function to strip `iconURL` from conversation inputs, ensuring it is only set server-side.
- Added comprehensive tests to validate the stripping of `iconURL` across various endpoint types, enhancing overall input sanitization.

*  feat: Add ESLint rule for unused variables

- Introduced a new ESLint rule to warn about unused variables, allowing for better code quality and maintainability.
- Configured the rule to ignore variables and arguments that start with an underscore, accommodating common coding practices.
2025-12-01 17:41:39 -05:00
..
accessResources 🔄 refactor: Convert OCR Tool Resource to Context (#9699) 2025-09-18 20:06:59 -04:00
assistants 🛜 refactor: Streamline App Config Usage (#9234) 2025-08-26 12:10:18 -04:00
config 🛜 refactor: Streamline App Config Usage (#9234) 2025-08-26 12:10:18 -04:00
limiters 🔄 refactor: Migrate Cache Logic to TypeScript (#9771) 2025-10-02 09:33:58 -04:00
roles 🏪 feat: Agent Marketplace 2025-08-13 16:24:18 -04:00
spec 🧭 fix: Add Base Path Support for Login/Register and Image Paths (#10116) 2025-11-21 11:25:14 -05:00
validate 🛜 refactor: Streamline App Config Usage (#9234) 2025-08-26 12:10:18 -04:00
abortControllers.js feat(GPT/Anthropic): Continue Regenerating & Generation Buttons (#808) 2023-08-17 12:50:05 -04:00
abortMiddleware.js fix: AbortSignal Cleanup Logic for New Chats (#9177) 2025-08-20 14:56:07 -04:00
abortRun.js 🔧 fix: Assistants API SDK calls to match Updated Arguments (#8818) 2025-08-02 12:19:58 -04:00
buildEndpointOption.js 🔐 fix: Secure iconURL Handling (#10753) 2025-12-01 17:41:39 -05:00
canDeleteAccount.js 🧹 chore: Cleanup Logger and Utility Imports (#9935) 2025-10-01 23:30:47 -04:00
checkBan.js 🔄 refactor: Migrate Cache Logic to TypeScript (#9771) 2025-10-02 09:33:58 -04:00
checkDomainAllowed.js 📧 fix: Case-Insensitive Domain Matching (#9868) 2025-09-27 21:20:19 -04:00
checkInviteUser.js 🏗️ refactor: Extract DB layers to data-schemas for shared use (#7650) 2025-05-30 22:18:13 -04:00
checkPeoplePickerAccess.js 🧹 chore: Cleanup Logger and Utility Imports (#9935) 2025-10-01 23:30:47 -04:00
checkPeoplePickerAccess.spec.js 🧹 chore: Cleanup Logger and Utility Imports (#9935) 2025-10-01 23:30:47 -04:00
concurrentLimiter.js 🧹 chore: Cleanup Logger and Utility Imports (#9935) 2025-10-01 23:30:47 -04:00
denyRequest.js 🕐 feat: Configurable Retention Period for Temporary Chats (#8056) 2025-06-25 17:16:26 -04:00
error.js 🛜 refactor: Streamline App Config Usage (#9234) 2025-08-26 12:10:18 -04:00
index.js 🔐 fix: Image Validation when Reusing OpenID Token (#9458) 2025-09-05 03:12:17 -04:00
logHeaders.js 🧹 chore: Cleanup Logger and Utility Imports (#9935) 2025-10-01 23:30:47 -04:00
moderateText.js 🧹 chore: Cleanup Logger and Utility Imports (#9935) 2025-10-01 23:30:47 -04:00
noIndex.js 🚫🔍 feat: disallow search indexing (#1409) 2023-12-29 20:42:04 -05:00
optionalJwtAuth.js 🧹 chore: Cleanup Logger and Utility Imports (#9935) 2025-10-01 23:30:47 -04:00
requireJwtAuth.js 🧹 chore: Cleanup Logger and Utility Imports (#9935) 2025-10-01 23:30:47 -04:00
requireLdapAuth.js 🚀 feat(LDAP): Add Flexible Configuration Options (#3124) 2024-06-21 10:14:53 -04:00
requireLocalAuth.js 🧹 chore: Cleanup Logger and Utility Imports (#9935) 2025-10-01 23:30:47 -04:00
setHeaders.js feat(GPT/Anthropic): Continue Regenerating & Generation Buttons (#808) 2023-08-17 12:50:05 -04:00
uaParser.js 🏦 refactor: Centralize Caching & Redis Key Prefixing (#8457) 2025-07-15 18:24:31 -04:00
validateEndpoint.js 🔧 fix: handleError import path to use '@librechat/api' (#8415) 2025-07-11 13:29:51 -04:00
validateImageRequest.js 🧭 fix: Add Base Path Support for Login/Register and Image Paths (#10116) 2025-11-21 11:25:14 -05:00
validateMessageReq.js 🚤 refactor: Optimize Request Lifecycle Speeds (#3222) 2024-06-28 08:44:47 -04:00
validateModel.js 🛜 refactor: Streamline App Config Usage (#9234) 2025-08-26 12:10:18 -04:00
validatePasswordReset.js 🧹 chore: Cleanup Logger and Utility Imports (#9935) 2025-10-01 23:30:47 -04:00
validateRegistration.js 🧹 chore: Cleanup Logger and Utility Imports (#9935) 2025-10-01 23:30:47 -04:00