Compare commits
1 Commits
alert-auto
...
alert-auto
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
10e689fdce |
@@ -499,7 +499,7 @@ Generate the complete JSON with all 30 fields personalized for {website_url}:
|
|||||||
# Log context summary for debugging
|
# Log context summary for debugging
|
||||||
logger.info("AIStructuredAutofillService: context summary | user=%s", user_id)
|
logger.info("AIStructuredAutofillService: context summary | user=%s", user_id)
|
||||||
logger.info(" - Website analysis exists: %s", bool(context_summary.get('user_profile', {}).get('website_url')))
|
logger.info(" - Website analysis exists: %s", bool(context_summary.get('user_profile', {}).get('website_url')))
|
||||||
logger.info(" - Research config: %s", context_summary.get('research_config', {}).get('research_depth', 'None'))
|
logger.info(" - Research config present: %s", bool(context_summary.get('research_config', {}).get('research_depth')))
|
||||||
logger.info(" - API capabilities: %s", len(context_summary.get('api_capabilities', {}).get('providers', [])))
|
logger.info(" - API capabilities: %s", len(context_summary.get('api_capabilities', {}).get('providers', [])))
|
||||||
logger.info(" - Content analysis: %s", bool(context_summary.get('content_analysis')))
|
logger.info(" - Content analysis: %s", bool(context_summary.get('content_analysis')))
|
||||||
logger.info(" - Audience insights: %s", bool(context_summary.get('audience_insights')))
|
logger.info(" - Audience insights: %s", bool(context_summary.get('audience_insights')))
|
||||||
|
|||||||
@@ -40,25 +40,29 @@ async def serve_video_studio_video(
|
|||||||
video_studio_videos_dir = base_dir / "video_studio_videos"
|
video_studio_videos_dir = base_dir / "video_studio_videos"
|
||||||
video_path = video_studio_videos_dir / user_id / video_filename
|
video_path = video_studio_videos_dir / user_id / video_filename
|
||||||
|
|
||||||
# Security: Resolve and ensure path is within video_studio_videos directory
|
# Security: Ensure path is within video_studio_videos directory
|
||||||
try:
|
try:
|
||||||
resolved_base = video_studio_videos_dir.resolve()
|
|
||||||
resolved_path = video_path.resolve()
|
resolved_path = video_path.resolve()
|
||||||
resolved_path.relative_to(resolved_base)
|
resolved_base = video_studio_videos_dir.resolve()
|
||||||
|
if not str(resolved_path).startswith(str(resolved_base)):
|
||||||
|
raise HTTPException(
|
||||||
|
status_code=403,
|
||||||
|
detail="Invalid video path"
|
||||||
|
)
|
||||||
except (OSError, ValueError) as e:
|
except (OSError, ValueError) as e:
|
||||||
logger.error(f"[VideoStudio] Path resolution error: {e}")
|
logger.error(f"[VideoStudio] Path resolution error: {e}")
|
||||||
raise HTTPException(status_code=403, detail="Invalid video path")
|
raise HTTPException(status_code=403, detail="Invalid video path")
|
||||||
|
|
||||||
# Check if file exists
|
# Check if file exists
|
||||||
if not resolved_path.exists() or not resolved_path.is_file():
|
if not video_path.exists() or not video_path.is_file():
|
||||||
raise HTTPException(
|
raise HTTPException(
|
||||||
status_code=404,
|
status_code=404,
|
||||||
detail=f"Video not found: {video_filename}"
|
detail=f"Video not found: {video_filename}"
|
||||||
)
|
)
|
||||||
|
|
||||||
logger.info(f"[VideoStudio] Serving video: {resolved_path}")
|
logger.info(f"[VideoStudio] Serving video: {video_path}")
|
||||||
return FileResponse(
|
return FileResponse(
|
||||||
path=str(resolved_path),
|
path=str(video_path),
|
||||||
media_type="video/mp4",
|
media_type="video/mp4",
|
||||||
filename=video_filename,
|
filename=video_filename,
|
||||||
)
|
)
|
||||||
|
|||||||
Reference in New Issue
Block a user