fix: validate mime type list when updating chatflow configuration

Author: 0xi4o

packages/components/src/utils.ts

@@ -1198,6 +1198,41 @@ export const mapMimeTypeToExt = (mimeType: string) => {
     }
 }
 
+/**
+ * MIME types allowed for full file upload (chatflow config).
+ * Server validates stored allowedUploadFileTypes against this list to prevent
+ * malicious clients from allowing executables or other dangerous types.
+ */
+export const ALLOWED_UPLOAD_MIME_TYPES: readonly string[] = [
+    'text/css',
+    'text/csv',
+    'text/html',
+    'application/json',
+    'text/markdown',
+    'application/x-yaml',
+    'application/pdf',
+    'application/sql',
+    'text/plain',
+    'application/xml',
+    'application/msword',
+    'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
+    'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
+    'application/vnd.openxmlformats-officedocument.presentationml.presentation'
+]
+
+/**
+ * Returns true if the MIME type is allowed for file upload config.
+ * Must be in ALLOWED_UPLOAD_MIME_TYPES and have a mapping in mapMimeTypeToExt.
+ * @param {string} mime
+ * @returns {boolean}
+ */
+export const isAllowedUploadMimeType = (mime: string): boolean => {
+    if (!mime || typeof mime !== 'string') return false
+    const trimmed = mime.trim()
+    if (!trimmed) return false
+    return ALLOWED_UPLOAD_MIME_TYPES.includes(trimmed) && mapMimeTypeToExt(trimmed) !== ''
+}
+
 // remove invalid markdown image pattern: ![<some-string>](<some-string>)
 export const removeInvalidImageMarkdown = (output: string): string => {
     return typeof output === 'string' ? output.replace(/!\[.*?\]\((?!https?:\/\/).*?\)/g, '') : output

packages/components/src/validator.ts

@@ -1,4 +1,4 @@
-import { mapMimeTypeToExt } from './utils'
+import { isAllowedUploadMimeType, mapMimeTypeToExt } from './utils'
 
 /**
  * Validates if a string is a valid UUID v4
@@ -147,3 +147,16 @@ export const validateMimeTypeAndExtensionMatch = (filename: string, mimetype: st
         )
     }
 }
+
+/**
+ * Filters an array of MIME type strings to only those allowed for file upload config.
+ * Used when sanitizing chatbotConfig.allowedUploadFileTypes to prevent malicious values.
+ * @param {string[]} mimeTypes Raw MIME types (e.g. from splitting comma-separated config)
+ * @returns {string[]} Only MIME types that pass isAllowedUploadMimeType
+ */
+export const filterAllowedUploadMimeTypes = (mimeTypes: string[]): string[] => {
+    if (!Array.isArray(mimeTypes)) return []
+    return mimeTypes
+        .map((m) => (typeof m === 'string' ? m.trim() : ''))
+        .filter((m) => m !== '' && isAllowedUploadMimeType(m))
+}

packages/server/src/services/chatflows/index.ts

@@ -15,6 +15,7 @@ import { InternalFlowiseError } from '../../errors/internalFlowiseError'
 import { getErrorMessage } from '../../errors/utils'
 import documentStoreService from '../../services/documentstore'
 import { constructGraphs, getAppVersion, getEndingNodes, getTelemetryFlowObj, isFlowValidForStream } from '../../utils'
+import { sanitizeAllowedUploadMimeTypesFromConfig } from '../../utils/fileValidation'
 import { containsBase64File, updateFlowDataWithFilePaths } from '../../utils/fileRepository'
 import { getRunningExpressApp } from '../../utils/getRunningExpressApp'
 import { utilGetUploadsConfig } from '../../utils/getUploadsConfig'
@@ -351,6 +352,21 @@ const updateChatflow = async (
     } else {
         updateChatFlow.type = chatflow.type
     }
+    if (updateChatFlow.chatbotConfig) {
+        try {
+            const parsed = JSON.parse(updateChatFlow.chatbotConfig) as ICommonObject
+            if (parsed?.fullFileUpload?.allowedUploadFileTypes !== undefined) {
+                const current = parsed.fullFileUpload.allowedUploadFileTypes
+                const sanitized = sanitizeAllowedUploadMimeTypesFromConfig(
+                    typeof current === 'string' ? current : String(current ?? '')
+                )
+                parsed.fullFileUpload.allowedUploadFileTypes = sanitized
+                updateChatFlow.chatbotConfig = JSON.stringify(parsed)
+            }
+        } catch {
+            // If parsing fails, leave chatbotConfig unchanged
+        }
+    }
     const newDbChatflow = appServer.AppDataSource.getRepository(ChatFlow).merge(chatflow, updateChatFlow)
     await _checkAndUpdateDocumentStoreUsage(newDbChatflow, chatflow.workspaceId)
     const dbResponse = await appServer.AppDataSource.getRepository(ChatFlow).save(newDbChatflow)

packages/server/src/utils/fileValidation.ts

@@ -1,4 +1,4 @@
-import { validateMimeTypeAndExtensionMatch } from 'flowise-components'
+import { filterAllowedUploadMimeTypes, validateMimeTypeAndExtensionMatch } from 'flowise-components'
 import { InternalFlowiseError } from '../errors/internalFlowiseError'
 import { StatusCodes } from 'http-status-codes'
 import { getErrorMessage } from '../errors/utils'
@@ -25,3 +25,17 @@ export function validateFileMimeTypeAndExtensionMatch(filename: string, mimetype
         throw new InternalFlowiseError(StatusCodes.BAD_REQUEST, getErrorMessage(error))
     }
 }
+
+/**
+ * Sanitizes the allowedUploadFileTypes string from chatbotConfig by keeping only
+ * MIME types that are in the server allow list. Removes any type not in the list
+ * (e.g. executables) to prevent malicious clients from persisting dangerous types.
+ *
+ * @param {string} allowedTypesString Comma-separated MIME types from config
+ * @returns {string} Comma-separated string of allowed MIME types only
+ */
+export function sanitizeAllowedUploadMimeTypesFromConfig(allowedTypesString: string): string {
+    if (typeof allowedTypesString !== 'string') return ''
+    const parts = allowedTypesString.split(',').map((s) => s.trim()).filter(Boolean)
+    return filterAllowedUploadMimeTypes(parts).join(',')
+}