Skip to content

Commit f4f36b4

Browse files
authored
Merge pull request #460 from vvincent1234/fix/security
optmize webui settings and fix vulnerability
2 parents 3302799 + 7fdf95e commit f4f36b4

File tree

5 files changed

+201
-195
lines changed

5 files changed

+201
-195
lines changed

src/utils/agent_state.py

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,6 @@
11
import asyncio
22

3+
34
class AgentState:
45
_instance = None
56

@@ -27,4 +28,4 @@ def set_last_valid_state(self, state):
2728
self.last_valid_state = state
2829

2930
def get_last_valid_state(self):
30-
return self.last_valid_state
31+
return self.last_valid_state

src/utils/deep_research.py

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,13 @@
1919
from browser_use.browser.context import BrowserContext
2020
from browser_use.controller.service import Controller, DoneAction
2121
from main_content_extractor import MainContentExtractor
22-
from langchain.schema import SystemMessage, HumanMessage
22+
from langchain_core.messages import (
23+
AIMessage,
24+
BaseMessage,
25+
HumanMessage,
26+
ToolMessage,
27+
SystemMessage
28+
)
2329
from json_repair import repair_json
2430
from src.agent.custom_prompts import CustomSystemPrompt, CustomAgentMessagePrompt
2531
from src.controller.custom_controller import CustomController

src/utils/default_config_settings.py

Lines changed: 0 additions & 125 deletions
This file was deleted.

src/utils/utils.py

Lines changed: 73 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,9 @@
44
from pathlib import Path
55
from typing import Dict, Optional
66
import requests
7+
import json
8+
import gradio as gr
9+
import uuid
710

811
from langchain_anthropic import ChatAnthropic
912
from langchain_mistralai import ChatMistralAI
@@ -196,12 +199,14 @@ def update_model_dropdown(llm_provider, api_key=None, base_url=None):
196199
else:
197200
return gr.Dropdown(choices=[], value="", interactive=True, allow_custom_value=True)
198201

202+
199203
class MissingAPIKeyError(Exception):
200204
"""Custom exception for missing API key."""
205+
201206
def __init__(self, provider: str, env_var: str):
202207
provider_display = PROVIDER_DISPLAY_NAMES.get(provider, provider.upper())
203208
super().__init__(f"💥 {provider_display} API key not found! 🔑 Please set the "
204-
f"`{env_var}` environment variable or provide it in the UI.")
209+
f"`{env_var}` environment variable or provide it in the UI.")
205210

206211

207212
def encode_image(img_path):
@@ -270,3 +275,70 @@ async def capture_screenshot(browser_context):
270275
return encoded
271276
except Exception as e:
272277
return None
278+
279+
280+
class ConfigManager:
281+
def __init__(self):
282+
self.components = {}
283+
self.component_order = []
284+
285+
def register_component(self, name: str, component):
286+
"""Register a gradio component for config management."""
287+
self.components[name] = component
288+
if name not in self.component_order:
289+
self.component_order.append(name)
290+
return component
291+
292+
def save_current_config(self):
293+
"""Save the current configuration of all registered components."""
294+
current_config = {}
295+
for name in self.component_order:
296+
component = self.components[name]
297+
# Get the current value from the component
298+
current_config[name] = getattr(component, "value", None)
299+
300+
return save_config_to_file(current_config)
301+
302+
def update_ui_from_config(self, config_file):
303+
"""Update UI components from a loaded configuration file."""
304+
if config_file is None:
305+
return [gr.update() for _ in self.component_order] + ["No file selected."]
306+
307+
loaded_config = load_config_from_file(config_file.name)
308+
309+
if not isinstance(loaded_config, dict):
310+
return [gr.update() for _ in self.component_order] + ["Error: Invalid configuration file."]
311+
312+
# Prepare updates for all components
313+
updates = []
314+
for name in self.component_order:
315+
if name in loaded_config:
316+
updates.append(gr.update(value=loaded_config[name]))
317+
else:
318+
updates.append(gr.update())
319+
320+
updates.append("Configuration loaded successfully.")
321+
return updates
322+
323+
def get_all_components(self):
324+
"""Return all registered components in the order they were registered."""
325+
return [self.components[name] for name in self.component_order]
326+
327+
328+
def load_config_from_file(config_file):
329+
"""Load settings from a config file (JSON format)."""
330+
try:
331+
with open(config_file, 'r') as f:
332+
settings = json.load(f)
333+
return settings
334+
except Exception as e:
335+
return f"Error loading configuration: {str(e)}"
336+
337+
338+
def save_config_to_file(settings, save_dir="./tmp/webui_settings"):
339+
"""Save the current settings to a UUID.json file with a UUID name."""
340+
os.makedirs(save_dir, exist_ok=True)
341+
config_file = os.path.join(save_dir, f"{uuid.uuid4()}.json")
342+
with open(config_file, 'w') as f:
343+
json.dump(settings, f, indent=2)
344+
return f"Configuration saved to {config_file}"

0 commit comments

Comments
 (0)