Merge branch 'comfyanonymous:master' into master

2026-01-11 23:00:51 +08:00 · 2025-01-19 02:40:53 +03:00 · 2025-01-19 02:40:53 +03:00 · 8ee302c9dd
commit 8ee302c9dd
parent e3207a0560 b1a02131c9
2 changed files with 8 additions and 3 deletions
--- a/comfy/samplers.py
+++ b/comfy/samplers.py
@ -12,7 +12,6 @@ import collections
 from comfy import model_management
 import math
 import logging
-import comfy.samplers
 import comfy.sampler_helpers
 import comfy.model_patcher
 import comfy.patcher_extension
@ -178,7 +177,7 @@ def finalize_default_conds(model: 'BaseModel', hooked_to_run: dict[comfy.hooks.H
        cond = default_conds[i]
        for x in cond:
            # do get_area_and_mult to get all the expected values
-            p = comfy.samplers.get_area_and_mult(x, x_in, timestep)
+            p = get_area_and_mult(x, x_in, timestep)
            if p is None:
                continue
            # replace p's mult with calculated mult
@ -215,7 +214,7 @@ def _calc_cond_batch(model: 'BaseModel', conds: list[list[dict]], x_in: torch.Te
                    default_c.append(x)
                    has_default_conds = True
                    continue
-                p = comfy.samplers.get_area_and_mult(x, x_in, timestep)
+                p = get_area_and_mult(x, x_in, timestep)
                if p is None:
                    continue
                if p.hooks is not None:
--- a/server.py
+++ b/server.py
@ -329,6 +329,9 @@ class PromptServer():
                original_ref = json.loads(post.get("original_ref"))
                filename, output_dir = folder_paths.annotated_filepath(original_ref['filename'])

+                if not filename:
+                    return web.Response(status=400)
+
                # validation for security: prevent accessing arbitrary path
                if filename[0] == '/' or '..' in filename:
                    return web.Response(status=400)
@ -370,6 +373,9 @@ class PromptServer():
                filename = request.rel_url.query["filename"]
                filename,output_dir = folder_paths.annotated_filepath(filename)

+                if not filename:
+                    return web.Response(status=400)
+
                # validation for security: prevent accessing arbitrary path
                if filename[0] == '/' or '..' in filename:
                    return web.Response(status=400)