Mirrors/open-webui
1
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2025-12-16 11:57:51 +01:00
Code Issues Packages Projects Releases Wiki Activity

log: added a debug log if detecting a potential prompt injection attack

Browse Source
This commit is contained in:
thiswillbeyourgithub
2024-09-12 16:04:41 +02:00
parent b4ad64586a
commit e872f5dc78
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
backend/open_webui/apps/rag/utils.py
View File

@@ -198,6 +198,12 @@ def rag_template(template: str, context: str, query: str):
f"RAG template contains an unexpected number of '[context]' : {count}" f"RAG template contains an unexpected number of '[context]' : {count}"
) )
assert "[context]" in template, "RAG template does not contain '[context]'" assert "[context]" in template, "RAG template does not contain '[context]'"
if "<context>" in context and "</context>" in context:
log.debug(
"WARNING: Potential prompt injection attack: the RAG "
"context contains '<context>' and '</context>'. This might be "
"nothing, or the user might be trying to hack something."
)
if "[query]" in context: if "[query]" in context:
query_placeholder = str(uuid.uuid4()) query_placeholder = str(uuid.uuid4())