feat: add IFRAME_CSP env var for srcdoc iframe content security policy

Adds an IFRAME_CSP environment variable that injects a Content-Security-Policy
<meta> tag into all srcdoc iframes rendering untrusted content:
- Artifacts (LLM-generated HTML previews)
- FullHeightIframe (tool/embed output)
- FilePreview (user-uploaded HTML files)
- CitationModal (RAG document HTML)

Shared utility in src/lib/utils/csp.ts handles injection with HTML-safe
attribute escaping. URL-based iframes (src=) are correctly excluded.

Env-var only — no PersistentConfig, no admin UI, no DB. Set once at deploy
time, requires restart. Empty string (default) means no CSP restriction.
Timothy Jaeryang Baek
2026-05-11 01:56:02 +09:00
parent 1388f4568b
commit 3bba1c2270
8 changed files with 30 additions and 6 deletions


@@ -1376,6 +1376,7 @@ RESPONSE_WATERMARK = PersistentConfig(
os.environ.get('RESPONSE_WATERMARK', ''),
)
IFRAME_CSP = os.environ.get('IFRAME_CSP', '')
USER_PERMISSIONS_WORKSPACE_MODELS_ACCESS = (
os.environ.get('USER_PERMISSIONS_WORKSPACE_MODELS_ACCESS', 'False').lower() == 'true'
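Review bot: `IFRAME_CSP = os.environ.get('IFRAME_CSP', '')` takes the operator's policy string verbatim and nothing next to it says how the value is consumed or what a meta-delivered policy cannot express; per the commit description the string ends up in a `<meta http-equiv="Content-Security-Policy">` tag inside srcdoc iframes, and that delivery path ignores `frame-ancestors`, `report-uri` and `sandbox`, so an operator who sets those here gets no effect and no error. I'd add a comment above the assignment: `# Raw CSP string injected as a <meta> tag into srcdoc iframes (see src/lib/utils/csp.ts); meta-delivered CSP ignores frame-ancestors, report-uri and sandbox. Empty string (default) disables injection.` Whether to additionally warn at startup when one of those directives is present is a maintainers' call, since the value is not inspected anywhere in this hunk. The same caveat applies to the `'iframe_csp'` field added in the `get_app_config` hunk, which forwards the string to the client unchanged.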


@@ -460,6 +460,7 @@ from open_webui.config import (
OAUTH_PROVIDERS,
WEBUI_URL,
RESPONSE_WATERMARK,
IFRAME_CSP,
# Admin
ENABLE_ADMIN_CHAT_ACCESS,
ENABLE_ADMIN_ANALYTICS,
@@ -2444,6 +2445,7 @@ async def get_app_config(request: Request):
'pending_user_overlay_title': app.state.config.PENDING_USER_OVERLAY_TITLE,
'pending_user_overlay_content': app.state.config.PENDING_USER_OVERLAY_CONTENT,
'response_watermark': app.state.config.RESPONSE_WATERMARK,
'iframe_csp': IFRAME_CSP,
},
'license_metadata': app.state.LICENSE_METADATA,
**(
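Review bot: `'iframe_csp': IFRAME_CSP` reads the module-level constant while every neighbouring field in the dict reads `app.state.config.*`; the commit description says this is deliberate (env-only, no PersistentConfig), but nothing in the code records that, so the next edit to this dict is likely to "normalise" it to `app.state.config.IFRAME_CSP`, which does not exist. I'd make the intent visible on the line itself: `'iframe_csp': IFRAME_CSP,  # env-only by design, not PersistentConfig`. The enclosing `get_app_config` body starts and continues outside this hunk, so whether the dict is served to unauthenticated callers cannot be judged from here.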