refac: AIOHTTP_CLIENT_SESSION_SSL

2025-06-26 18:26:48 +00:00 · 2025-05-14 23:33:52 +04:00 · 2025-05-14 23:33:52 +04:00 · b143c71da2
commit b143c71da2
parent 04287eb6d6
5 changed files with 21 additions and 6 deletions
--- a/backend/open_webui/main.py
+++ b/backend/open_webui/main.py
@ -380,6 +380,7 @@ from open_webui.env import (
    OFFLINE_MODE,
    ENABLE_OTEL,
    EXTERNAL_PWA_MANIFEST_URL,
+    AIOHTTP_CLIENT_SESSION_SSL,
 )


@ -1464,7 +1465,8 @@ async def get_app_latest_release_version(user=Depends(get_verified_user)):
        timeout = aiohttp.ClientTimeout(total=1)
        async with aiohttp.ClientSession(timeout=timeout, trust_env=True) as session:
            async with session.get(
-                "https://api.github.com/repos/open-webui/open-webui/releases/latest"
+                "https://api.github.com/repos/open-webui/open-webui/releases/latest",
+                ssl=AIOHTTP_CLIENT_SESSION_SSL,
            ) as response:
                response.raise_for_status()
                data = await response.json()
--- a/backend/open_webui/retrieval/web/utils.py
+++ b/backend/open_webui/retrieval/web/utils.py
@ -39,7 +39,7 @@ from open_webui.config import (
    EXTERNAL_WEB_LOADER_URL,
    EXTERNAL_WEB_LOADER_API_KEY,
 )
-from open_webui.env import SRC_LOG_LEVELS
+from open_webui.env import SRC_LOG_LEVELS, AIOHTTP_CLIENT_SESSION_SSL

 log = logging.getLogger(__name__)
 log.setLevel(SRC_LOG_LEVELS["RAG"])
@ -515,7 +515,9 @@ class SafeWebBaseLoader(WebBaseLoader):
                        kwargs["ssl"] = False

                    async with session.get(
-                        url, **(self.requests_kwargs | kwargs)
+                        url,
+                        **(self.requests_kwargs | kwargs),
+                        ssl=AIOHTTP_CLIENT_SESSION_SSL,
                    ) as response:
                        if self.raise_for_status:
                            response.raise_for_status()
--- a/backend/open_webui/routers/audio.py
+++ b/backend/open_webui/routers/audio.py
@ -38,6 +38,7 @@ from open_webui.config import (

 from open_webui.constants import ERROR_MESSAGES
 from open_webui.env import (
+    AIOHTTP_CLIENT_SESSION_SSL,
    AIOHTTP_CLIENT_TIMEOUT,
    ENV,
    SRC_LOG_LEVELS,
@ -326,6 +327,7 @@ async def speech(request: Request, user=Depends(get_verified_user)):
                            else {}
                        ),
                    },
+                    ssl=AIOHTTP_CLIENT_SESSION_SSL,
                ) as r:
                    r.raise_for_status()

@ -381,6 +383,7 @@ async def speech(request: Request, user=Depends(get_verified_user)):
                        "Content-Type": "application/json",
                        "xi-api-key": request.app.state.config.TTS_API_KEY,
                    },
+                    ssl=AIOHTTP_CLIENT_SESSION_SSL,
                ) as r:
                    r.raise_for_status()

@ -439,6 +442,7 @@ async def speech(request: Request, user=Depends(get_verified_user)):
                        "X-Microsoft-OutputFormat": output_format,
                    },
                    data=data,
+                    ssl=AIOHTTP_CLIENT_SESSION_SSL,
                ) as r:
                    r.raise_for_status()

--- a/backend/open_webui/routers/pipelines.py
+++ b/backend/open_webui/routers/pipelines.py
@ -18,7 +18,7 @@ from pydantic import BaseModel
 from starlette.responses import FileResponse
 from typing import Optional

-from open_webui.env import SRC_LOG_LEVELS
+from open_webui.env import SRC_LOG_LEVELS, AIOHTTP_CLIENT_SESSION_SSL
 from open_webui.config import CACHE_DIR
 from open_webui.constants import ERROR_MESSAGES

@ -89,6 +89,7 @@ async def process_pipeline_inlet_filter(request, payload, user, models):
                    f"{url}/{filter['id']}/filter/inlet",
                    headers=headers,
                    json=request_data,
+                    ssl=AIOHTTP_CLIENT_SESSION_SSL,
                ) as response:
                    payload = await response.json()
                    response.raise_for_status()
@ -138,6 +139,7 @@ async def process_pipeline_outlet_filter(request, payload, user, models):
                    f"{url}/{filter['id']}/filter/outlet",
                    headers=headers,
                    json=request_data,
+                    ssl=AIOHTTP_CLIENT_SESSION_SSL,
                ) as response:
                    payload = await response.json()
                    response.raise_for_status()
--- a/backend/open_webui/utils/oauth.py
+++ b/backend/open_webui/utils/oauth.py
@ -41,6 +41,7 @@ from open_webui.config import (
 )
 from open_webui.constants import ERROR_MESSAGES, WEBHOOK_MESSAGES
 from open_webui.env import (
+    AIOHTTP_CLIENT_SESSION_SSL,
    WEBUI_NAME,
    WEBUI_AUTH_COOKIE_SAME_SITE,
    WEBUI_AUTH_COOKIE_SECURE,
@ -306,7 +307,9 @@ class OAuthManager:
                    "Authorization": f"Bearer {access_token}",
                }
            async with aiohttp.ClientSession(trust_env=True) as session:
-                async with session.get(picture_url, **get_kwargs) as resp:
+                async with session.get(
+                    picture_url, **get_kwargs, ssl=AIOHTTP_CLIENT_SESSION_SSL
+                ) as resp:
                    if resp.ok:
                        picture = await resp.read()
                        base64_encoded_picture = base64.b64encode(picture).decode(
@ -371,7 +374,9 @@ class OAuthManager:
                    headers = {"Authorization": f"Bearer {access_token}"}
                    async with aiohttp.ClientSession(trust_env=True) as session:
                        async with session.get(
-                            "https://api.github.com/user/emails", headers=headers
+                            "https://api.github.com/user/emails",
+                            headers=headers,
+                            ssl=AIOHTTP_CLIENT_SESSION_SSL,
                        ) as resp:
                            if resp.ok:
                                emails = await resp.json()