mirrors/ComfyUI
1
0
Fork 0
mirror of https://github.com/comfyanonymous/ComfyUI.git synced 2025-09-10 11:35:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(userdata): catch invalid workflow filenames (#9434) (#9445)

Browse Source
This commit is contained in:
saurabh-pingale
2025-08-21 07:57:57 +05:30
committed by GitHub
parent 0963493a9c
commit 0737b7e0d2
1 changed files with 10 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
app/user_manager.py
View File

@@ -363,10 +363,17 @@ class UserManager():
if not overwrite and os.path.exists(path): if not overwrite and os.path.exists(path):
return web.Response(status=409, text="File already exists") return web.Response(status=409, text="File already exists")
try:
body = await request.read() body = await request.read()
with open(path, "wb") as f: with open(path, "wb") as f:
f.write(body) f.write(body)
except OSError as e:
logging.warning(f"Error saving file '{path}': {e}")
return web.Response(
status=400,
reason="Invalid filename. Please avoid special characters like :\\/*?\"<>|"
)
user_path = self.get_request_user_filepath(request, None) user_path = self.get_request_user_filepath(request, None)
if full_info: if full_info: