mirror of
https://github.com/bytedance/deer-flow.git
synced 2026-05-21 23:46:50 +00:00
fix(frontend): block unsupported .app uploads (#1834)
Co-authored-by: Willem Jiang <willem.jiang@gmail.com>
This commit is contained in:
luobo
@@ -34,6 +34,7 @@ import {
|
||||
SelectTrigger,
|
||||
SelectValue,
|
||||
} from "@/components/ui/select";
|
||||
import { splitUnsupportedUploadFiles } from "@/core/uploads";
|
||||
import { isIMEComposing } from "@/lib/ime";
|
||||
import { cn } from "@/lib/utils";
|
||||
import type { ChatStatus, FileUIPart } from "ai";
|
||||
@@ -71,6 +72,7 @@ import {
|
||||
useRef,
|
||||
useState,
|
||||
} from "react";
|
||||
import { toast } from "sonner";
|
||||
|
||||
// ============================================================================
|
||||
// Provider Context & Types
|
||||
@@ -107,6 +109,9 @@ const PromptInputController = createContext<PromptInputControllerProps | null>(
|
||||
const ProviderAttachmentsContext = createContext<AttachmentsContext | null>(
|
||||
null,
|
||||
);
|
||||
const PromptInputValidationContext = createContext<
|
||||
((files: File[] | FileList) => File[]) | null
|
||||
>(null);
|
||||
|
||||
export const usePromptInputController = () => {
|
||||
const ctx = useContext(PromptInputController);
|
||||
@@ -134,6 +139,7 @@ export const useProviderAttachments = () => {
|
||||
|
||||
const useOptionalProviderAttachments = () =>
|
||||
useContext(ProviderAttachmentsContext);
|
||||
const usePromptInputValidation = () => useContext(PromptInputValidationContext);
|
||||
|
||||
export type PromptInputProviderProps = PropsWithChildren<{
|
||||
initialInput?: string;
|
||||
@@ -451,7 +457,7 @@ export type PromptInputProps = Omit<
|
||||
maxFiles?: number;
|
||||
maxFileSize?: number; // bytes
|
||||
onError?: (err: {
|
||||
code: "max_files" | "max_file_size" | "accept";
|
||||
code: "max_files" | "max_file_size" | "accept" | "unsupported_package";
|
||||
message: string;
|
||||
}) => void;
|
||||
onSubmit: (
|
||||
@@ -599,6 +605,23 @@ export const PromptInput = ({
|
||||
? controller.attachments.openFileDialog
|
||||
: openFileDialogLocal;
|
||||
|
||||
const sanitizeIncomingFiles = useCallback(
|
||||
(fileList: File[] | FileList) => {
|
||||
const { accepted, message } = splitUnsupportedUploadFiles(fileList);
|
||||
if (message) {
|
||||
onError?.({
|
||||
code: "unsupported_package",
|
||||
message,
|
||||
});
|
||||
if (!onError) {
|
||||
toast.error(message);
|
||||
}
|
||||
}
|
||||
return accepted;
|
||||
},
|
||||
[onError],
|
||||
);
|
||||
|
||||
// Let provider know about our hidden file input so external menus can call openFileDialog()
|
||||
useEffect(() => {
|
||||
if (!usingProvider) return;
|
||||
@@ -629,7 +652,10 @@ export const PromptInput = ({
|
||||
e.preventDefault();
|
||||
}
|
||||
if (e.dataTransfer?.files && e.dataTransfer.files.length > 0) {
|
||||
add(e.dataTransfer.files);
|
||||
const accepted = sanitizeIncomingFiles(e.dataTransfer.files);
|
||||
if (accepted.length > 0) {
|
||||
add(accepted);
|
||||
}
|
||||
}
|
||||
};
|
||||
form.addEventListener("dragover", onDragOver);
|
||||
@@ -638,7 +664,7 @@ export const PromptInput = ({
|
||||
form.removeEventListener("dragover", onDragOver);
|
||||
form.removeEventListener("drop", onDrop);
|
||||
};
|
||||
}, [add, globalDrop]);
|
||||
}, [add, globalDrop, sanitizeIncomingFiles]);
|
||||
|
||||
useEffect(() => {
|
||||
if (!globalDrop) return;
|
||||
@@ -653,7 +679,10 @@ export const PromptInput = ({
|
||||
e.preventDefault();
|
||||
}
|
||||
if (e.dataTransfer?.files && e.dataTransfer.files.length > 0) {
|
||||
add(e.dataTransfer.files);
|
||||
const accepted = sanitizeIncomingFiles(e.dataTransfer.files);
|
||||
if (accepted.length > 0) {
|
||||
add(accepted);
|
||||
}
|
||||
}
|
||||
};
|
||||
document.addEventListener("dragover", onDragOver);
|
||||
@@ -662,7 +691,7 @@ export const PromptInput = ({
|
||||
document.removeEventListener("dragover", onDragOver);
|
||||
document.removeEventListener("drop", onDrop);
|
||||
};
|
||||
}, [add, globalDrop]);
|
||||
}, [add, globalDrop, sanitizeIncomingFiles]);
|
||||
|
||||
useEffect(
|
||||
() => () => {
|
||||
@@ -678,7 +707,10 @@ export const PromptInput = ({
|
||||
|
||||
const handleChange: ChangeEventHandler<HTMLInputElement> = (event) => {
|
||||
if (event.currentTarget.files) {
|
||||
add(event.currentTarget.files);
|
||||
const accepted = sanitizeIncomingFiles(event.currentTarget.files);
|
||||
if (accepted.length > 0) {
|
||||
add(accepted);
|
||||
}
|
||||
}
|
||||
// Reset input value to allow selecting files that were previously removed
|
||||
event.currentTarget.value = "";
|
||||
@@ -778,7 +810,7 @@ export const PromptInput = ({
|
||||
|
||||
// Render with or without local provider
|
||||
const inner = (
|
||||
<>
|
||||
<PromptInputValidationContext.Provider value={sanitizeIncomingFiles}>
|
||||
<input
|
||||
accept={accept}
|
||||
aria-label="Upload files"
|
||||
@@ -797,7 +829,7 @@ export const PromptInput = ({
|
||||
>
|
||||
<InputGroup>{children}</InputGroup>
|
||||
</form>
|
||||
</>
|
||||
</PromptInputValidationContext.Provider>
|
||||
);
|
||||
|
||||
return usingProvider ? (
|
||||
@@ -830,6 +862,7 @@ export const PromptInputTextarea = ({
|
||||
}: PromptInputTextareaProps) => {
|
||||
const controller = useOptionalPromptInputController();
|
||||
const attachments = usePromptInputAttachments();
|
||||
const sanitizeIncomingFiles = usePromptInputValidation();
|
||||
const [isComposing, setIsComposing] = useState(false);
|
||||
|
||||
const handleKeyDown: KeyboardEventHandler<HTMLTextAreaElement> = (e) => {
|
||||
@@ -888,7 +921,12 @@ export const PromptInputTextarea = ({
|
||||
|
||||
if (files.length > 0) {
|
||||
event.preventDefault();
|
||||
attachments.add(files);
|
||||
const accepted = sanitizeIncomingFiles
|
||||
? sanitizeIncomingFiles(files)
|
||||
: files;
|
||||
if (accepted.length > 0) {
|
||||
attachments.add(accepted);
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
|
||||
Reference in New Issue
Block a user