From ce50d9bac4f30b054b09a2fbda52569b73ea591c Mon Sep 17 00:00:00 2001
From: Timothy Jaeryang Baek
Date: Wed, 28 Jan 2026 01:14:22 +0400
Subject: [PATCH] refac
---
 backend/open_webui/routers/images.py | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/backend/open_webui/routers/images.py b/backend/open_webui/routers/images.py
index 464b1742e1..7fdd84b3fa 100644
--- a/backend/open_webui/routers/images.py
+++ b/backend/open_webui/routers/images.py
@@ -16,6 +16,7 @@ from fastapi.responses import FileResponse
 from open_webui.config import CACHE_DIR
 from open_webui.constants import ERROR_MESSAGES
+from open_webui.retrieval.web.utils import validate_url
 from open_webui.env import ENABLE_FORWARD_USER_INFO_HEADERS
 from open_webui.models.chats import Chats
@@ -881,6 +882,8 @@ async def image_edits(
 return data
 if data.startswith("http://") or data.startswith("https://"):
+ # Validate URL to prevent SSRF attacks against local/private networks
+ validate_url(data)
 r = await asyncio.to_thread(requests.get, data)
 r.raise_for_status()
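Review bot: The check added before `requests.get` in the second hunk covers only the URL as submitted, and `requests.get` follows redirects by default, so a public URL that answers with a 3xx pointing at a loopback, link-local or private address would still be fetched. Consider `r = await asyncio.to_thread(requests.get, data, allow_redirects=False, timeout=10)` (the timeout value is illustrative) and either rejecting 3xx responses or running `validate_url` on each `Location` before following it. The return value of `validate_url(data)` is discarded, so the guard works only if the helper raises on a bad URL; its body is not in this patch, so that is worth confirming, along with whether the address it resolved is the same one the later request connects to. `image_edits` starts and ends outside the hunk, so how a raised error is turned into a response is not visible here.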