TBNilles/ComfyUI-Manager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Security policy is updated.

Browse Source 
* Allows the download of models that belong to the whitelist even at the 'normal' security level
This commit is contained in:
Dr.Lt.Data
2024-07-24 00:37:19 +09:00
parent 35f077c6cc
commit 0b3edc3449
4 changed files with 14 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
glob/manager_server.py
View File

@@ -990,8 +990,17 @@ async def install_model(request):
return web.Response(status=403)
if not json_data['filename'].endswith('.safetensors') and not is_allowed_security_level('high'):
print(f"ERROR: To use this feature, you must either set '--listen' to a local IP and set the security level to 'normal-' or lower, or set the security level to 'middle' or 'weak'. Please contact the administrator.")
return web.Response(status=403)
models_json = await core.get_data_by_mode('cache', 'model-list.json')
is_belongs_to_whitelist = False
for x in models_json['models']:
if x.get('url') == json_data['url']:
is_belongs_to_whitelist = True
break
if not is_belongs_to_whitelist:
print(f"ERROR: To use this feature, you must either set '--listen' to a local IP and set the security level to 'normal-' or lower, or set the security level to 'middle' or 'weak'. Please contact the administrator.")
return web.Response(status=403)
res = False