mirror of
https://github.com/open-webui/open-webui.git
synced 2026-07-10 12:35:55 +02:00
These were the only two ydoc Socket.IO handlers missing the SESSION_POOL guard that every sibling (join/state/update) enforces. With always_connect=True admitting unauthenticated sockets, a client that knew a note's document_id could broadcast spoofed awareness (cursors/presence) and fake ydoc:user:left events into a live editing room, attributed to any client-supplied user_id. Both handlers now require an authenticated SESSION_POOL session; the awareness handler additionally requires prior ydoc:document:join (room membership); and the broadcast user_id is fixed to the authenticated identity instead of the client-supplied value, removing the impersonation. Document content was never reachable (ydoc:document:update already enforces write permission). Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>