Spaces:
Running
Running
zhzluke96
commited on
Commit
•
72bb5b8
1
Parent(s):
94466ce
update
Browse files
webui.py
CHANGED
|
@@ -119,16 +119,6 @@ def process_webui_args(args):
|
|
| 119 |
),
|
| 120 |
},
|
| 121 |
)
|
| 122 |
-
# gradio uses a very open CORS policy via app.user_middleware, which makes it possible for
|
| 123 |
-
# an attacker to trick the user into opening a malicious HTML page, which makes a request to the
|
| 124 |
-
# running web ui and do whatever the attacker wants, including installing an extension and
|
| 125 |
-
# running its code. We disable this here. Suggested by RyotaK.
|
| 126 |
-
app.user_middleware = [
|
| 127 |
-
x for x in app.user_middleware if x.cls.__name__ != "CustomCORSMiddleware"
|
| 128 |
-
]
|
| 129 |
-
|
| 130 |
-
if api:
|
| 131 |
-
process_api_args(args, app)
|
| 132 |
|
| 133 |
|
| 134 |
if __name__ == "__main__":
|
|
|
|
| 119 |
),
|
| 120 |
},
|
| 121 |
)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 122 |
|
| 123 |
|
| 124 |
if __name__ == "__main__":
|