ComfyUI/app/assets
Luke Mino-Altherr c268507ea7 Fix asset API security and correctness issues
- Content-Disposition: drop raw filename= parameter, use only RFC 5987
  filename*=UTF-8'' to prevent header injection via ; and special chars
- delete_asset: default delete_content to False (non-destructive) when
  query parameter is omitted
- create_asset_from_hash: return 400 MISSING_INPUT instead of 404 when
  hash not found and no file uploaded (client input error, not missing resource)
- seeder: clear _progress when returning to IDLE so get_status() does not
  return stale progress after scan completion
- hashing: handle non-seekable streams in _hash_file_obj by checking
  seekable() before attempting tell/seek
- bulk_ingest: filter lost_paths to only include paths tied to actually
  inserted asset IDs, preventing inflated counts from ON CONFLICT drops

Amp-Thread-ID: https://ampcode.com/threads/T-019cb67a-9822-7438-ab05-d09991a9f7f3
Co-authored-by: Amp <amp@ampcode.com>
2026-03-03 18:47:48 -08:00
api Fix asset API security and correctness issues 2026-03-03 18:47:48 -08:00
database Reduce duplication across assets module 2026-03-03 17:23:32 -08:00
services Fix asset API security and correctness issues 2026-03-03 18:47:48 -08:00
helpers.py Reduce duplication across assets module 2026-03-03 17:23:32 -08:00
scanner.py Reduce duplication across assets module 2026-03-03 17:23:32 -08:00
seeder.py Fix asset API security and correctness issues 2026-03-03 18:47:48 -08:00