jprdonnelly/dify
1
0
Fork 0
mirror of https://github.com/langgenius/dify.git synced 2026-02-12 13:00:45 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
deploy/agent-dev
dify/api/agent-notes/controllers/files/sandbox_archive.py.md
Harry af17e20f99 feat(sandbox): implement sandbox archive upload/download endpoints and security enhancements 
- Added sandbox archive upload and download proxy endpoints with signed URL verification.
- Introduced security helpers for generating and verifying signed URLs.
- Updated file-related API routes to include sandbox archive functionality.
- Refactored app asset storage methods to streamline download/upload URL generation.
2026-01-26 01:11:53 +08:00

447 B
Raw Permalink Blame History

Summary:

  • Sandbox archive upload/download proxy endpoints (signed URL verification, stream to storage).

Invariants:

  • Validates tenant_id and sandbox_id UUIDs.
  • Verifies tenant-scoped signature and expiration before storage access.
  • URL uses expires_at/nonce/sign query params.

Edge Cases:

  • Missing archive returns NotFound.
  • Invalid signature or expired link returns Forbidden.

Tests:

  • Add unit tests for signature validation if needed.
Reference in New Issue View Git Blame Copy Permalink