fix: harden upstream path + binary-body validation (gadfly round 1)
- upstreamPath rejects '..' in model ids AND in the rest path — the rest can embed SERVER-SUPPLIED components (ACE-Step result file URLs), so dot-dot/scheme smuggling toward other proxy endpoints is refused - singleImageResult requires positive image evidence (sniffed magic OR declared image/*): an empty-Content-Type error page can no longer pass as 'the image' via sniffImageMIME's PNG-default labelling - upscale/background responses get a dedicated 256MB cap (the 64MB cap is JSON-sized; a 4x PNG legitimately exceeds it) - mesh JSON-detection widened (512-byte whitespace-tolerant peek + reject declared application/json) - Transcribe now reuses buildMultipart; transcriptionFilename takes (filename, mime) so diarize shares it without a fake request struct; truncateForError stops shadowing builtin cap; OnlyMask doc de-ambiguated Co-Authored-By: Claude Fable 5 <[email protected]>
This commit is contained in:
@@ -79,7 +79,7 @@ func (m *diarizationModel) Diarize(ctx context.Context, req audio.DiarizationReq
|
||||
}
|
||||
|
||||
body, contentType, err := buildMultipart("build diarization form",
|
||||
filePart{field: "audio_file", filename: diarizationFilename(req), data: req.Audio},
|
||||
filePart{field: "audio_file", filename: transcriptionFilename(req.Filename, req.MIME), data: req.Audio},
|
||||
nil)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
@@ -111,12 +111,3 @@ func (m *diarizationModel) Diarize(ctx context.Context, req audio.DiarizationReq
|
||||
}
|
||||
return res, nil
|
||||
}
|
||||
|
||||
// diarizationFilename mirrors transcriptionFilename for the diarization
|
||||
// request shape (same untrusted-metadata sanitization rules).
|
||||
func diarizationFilename(req audio.DiarizationRequest) string {
|
||||
return transcriptionFilename(audio.TranscriptionRequest{
|
||||
Filename: req.Filename,
|
||||
MIME: req.MIME,
|
||||
})
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user