feat: Implement filename sanitization for file uploads and listings

- Added `sanitize_filename` method in `OutputProcessor` to ensure filenames are safe for container use by replacing non-alphanumeric characters and handling edge cases.
- Updated `upload_file` and `list_files` functions to utilize the new sanitization logic, ensuring consistent filename formatting across file operations.
- Introduced unit tests for `sanitize_filename` to validate its functionality and edge case handling.

Author: usnavy13

src/api/files.py

@@ -15,6 +15,7 @@
 # Local application imports
 from ..config import settings
 from ..dependencies import FileServiceDep
+from ..services.execution.output import OutputProcessor
 from ..utils.id_generator import generate_session_id
 
 
@@ -119,13 +120,13 @@ async def upload_file(
                 content_type=file.content_type,
             )
 
-            # Get file info for complete details
-            file_info = await file_service.get_file_info(session_id, file_id)
+            # Sanitize filename to match what will be used in container
+            sanitized_name = OutputProcessor.sanitize_filename(file.filename)
 
             uploaded_files.append(
                 {
                     "id": file_id,
-                    "name": file.filename,
+                    "name": sanitized_name,
                     "session_id": session_id,
                     "content": None,  # LibreChat doesn't return content in upload response
                     "size": len(content),
@@ -207,10 +208,12 @@ async def list_files(
             # Return simple file information
             simple_files = []
             for file_info in files:
+                # Return sanitized filename to match container
+                sanitized_name = OutputProcessor.sanitize_filename(file_info.filename)
                 simple_files.append(
                     {
                         "id": file_info.file_id,
-                        "name": file_info.filename,
+                        "name": sanitized_name,
                         "path": file_info.path,
                     }
                 )
@@ -219,9 +222,11 @@ async def list_files(
             # Return full file details - LibreChat format
             detailed_files = []
             for file_info in files:
+                # Return sanitized filename to match container
+                sanitized_name = OutputProcessor.sanitize_filename(file_info.filename)
                 detailed_files.append(
                     {
-                        "name": file_info.filename,
+                        "name": sanitized_name,
                         "id": file_info.file_id,
                         "session_id": session_id,
                         "content": None,  # Not returned in list

src/services/execution/output.py

@@ -1,6 +1,8 @@
 """Output processing and validation for code execution."""
 
+import os
 import re
+import secrets
 from pathlib import Path
 from typing import Any, Dict
 
@@ -221,13 +223,55 @@ def format_error_message(cls, exit_code: int, stderr: str) -> str:
         return f"Execution failed (exit code {exit_code}):\n{stderr_clean}"
 
     @classmethod
-    def normalize_filename(cls, filename: str) -> str:
-        """Normalize filename for container use: replace spaces with underscores.
+    def sanitize_filename(cls, input_name: str) -> str:
+        """Sanitize filename to match LibreChat's sanitization logic.
+
+        Replaces all non-alphanumeric characters (except '.' and '-') with
+        underscores. This ensures filenames on disk match what LibreChat
+        reports in the system prompt.
 
-        Important: we deliberately KEEP non-ASCII characters (e.g., Japanese)
-        so that user-visible filenames aren't transliterated.
+        Args:
+            input_name: Original filename (may include path components)
+
+        Returns:
+            Sanitized filename safe for container use
         """
+        if not input_name:
+            return "_"
+
         try:
-            return filename.replace(" ", "_") if filename else filename
-        except Exception:
-            return filename
+            # Remove any directory components (path traversal prevention)
+            name = os.path.basename(input_name)
+
+            # Replace any non-alphanumeric characters except for '.' and '-'
+            name = re.sub(r"[^a-zA-Z0-9.-]", "_", name)
+
+            # Ensure the name doesn't start with a dot (hidden file in Unix)
+            if name.startswith(".") or name == "":
+                name = "_" + name
+
+            # Limit the length of the filename
+            max_length = 255
+            if len(name) > max_length:
+                ext = os.path.splitext(name)[1]
+                name_without_ext = os.path.splitext(name)[0]
+                random_suffix = secrets.token_hex(3)
+                truncate_len = max_length - len(ext) - 7
+                if truncate_len < 1:
+                    truncate_len = 1
+                name = name_without_ext[:truncate_len] + "-" + random_suffix + ext
+
+            return name
+
+        except Exception as e:
+            logger.error(f"Failed to sanitize filename: {e}")
+            return "_"
+
+    @classmethod
+    def normalize_filename(cls, filename: str) -> str:
+        """Deprecated: Use sanitize_filename instead.
+
+        This method is kept for backward compatibility but delegates to
+        sanitize_filename which matches LibreChat's sanitization logic.
+        """
+        return cls.sanitize_filename(filename)

tests/unit/test_output_processor.py

@@ -0,0 +1,119 @@
+"""Unit tests for the OutputProcessor."""
+
+import pytest
+from src.services.execution.output import OutputProcessor
+
+
+class TestSanitizeFilename:
+    """Tests for the sanitize_filename method."""
+
+    def test_spaces_replaced_with_underscores(self):
+        """Test that spaces are replaced with underscores."""
+        result = OutputProcessor.sanitize_filename("file with spaces.txt")
+        assert result == "file_with_spaces.txt"
+
+    def test_parentheses_replaced_with_underscores(self):
+        """Test that parentheses are replaced with underscores."""
+        result = OutputProcessor.sanitize_filename("manufacturing_analysis (v2).xlsx")
+        assert result == "manufacturing_analysis__v2_.xlsx"
+
+    def test_special_characters_replaced(self):
+        """Test that special characters are replaced with underscores."""
+        result = OutputProcessor.sanitize_filename("special@chars#here!.pdf")
+        assert result == "special_chars_here_.pdf"
+
+    def test_already_valid_unchanged(self):
+        """Test that already valid filenames are unchanged."""
+        result = OutputProcessor.sanitize_filename("already-valid.txt")
+        assert result == "already-valid.txt"
+
+    def test_uppercase_preserved(self):
+        """Test that uppercase letters are preserved."""
+        result = OutputProcessor.sanitize_filename("UPPERCASE.TXT")
+        assert result == "UPPERCASE.TXT"
+
+    def test_numbers_preserved(self):
+        """Test that numbers are preserved."""
+        result = OutputProcessor.sanitize_filename("123numbers.doc")
+        assert result == "123numbers.doc"
+
+    def test_hidden_file_prefixed(self):
+        """Test that hidden files (starting with dot) get underscore prefix."""
+        result = OutputProcessor.sanitize_filename(".hidden")
+        assert result == "_.hidden"
+
+    def test_empty_string_returns_underscore(self):
+        """Test that empty string returns underscore."""
+        result = OutputProcessor.sanitize_filename("")
+        assert result == "_"
+
+    def test_none_returns_underscore(self):
+        """Test that None returns underscore."""
+        result = OutputProcessor.sanitize_filename(None)
+        assert result == "_"
+
+    def test_path_traversal_stripped(self):
+        """Test that path traversal attempts are stripped."""
+        result = OutputProcessor.sanitize_filename("../../../etc/passwd")
+        assert result == "passwd"
+
+    def test_absolute_path_stripped(self):
+        """Test that absolute paths are stripped to basename."""
+        result = OutputProcessor.sanitize_filename("/absolute/path/file.txt")
+        assert result == "file.txt"
+
+    def test_unicode_characters_replaced(self):
+        """Test that non-ASCII characters are replaced."""
+        result = OutputProcessor.sanitize_filename("résumé.docx")
+        assert result == "r_sum_.docx"
+
+    def test_brackets_replaced(self):
+        """Test that brackets are replaced with underscores."""
+        result = OutputProcessor.sanitize_filename("[brackets].txt")
+        assert result == "_brackets_.txt"
+
+    def test_leading_parenthesis_prefixed(self):
+        """Test that filename starting with parenthesis is handled."""
+        result = OutputProcessor.sanitize_filename("(parentheses).txt")
+        assert result == "_parentheses_.txt"
+
+    def test_dashes_preserved(self):
+        """Test that dashes are preserved."""
+        result = OutputProcessor.sanitize_filename("file-name.with-dashes.txt")
+        assert result == "file-name.with-dashes.txt"
+
+    def test_dots_preserved(self):
+        """Test that dots in filename are preserved."""
+        result = OutputProcessor.sanitize_filename("file.name.multiple.dots.txt")
+        assert result == "file.name.multiple.dots.txt"
+
+    def test_simple_filename_unchanged(self):
+        """Test that simple alphanumeric filename is unchanged."""
+        result = OutputProcessor.sanitize_filename("SimpleFile123.pdf")
+        assert result == "SimpleFile123.pdf"
+
+    def test_long_filename_truncated(self):
+        """Test that filenames over 255 chars are truncated with hash suffix."""
+        long_name = "a" * 300 + ".txt"
+        result = OutputProcessor.sanitize_filename(long_name)
+        # Should be 255 chars or less
+        assert len(result) <= 255
+        # Should end with .txt
+        assert result.endswith(".txt")
+        # Should have a random suffix before extension
+        assert "-" in result
+
+
+class TestNormalizeFilename:
+    """Tests for the deprecated normalize_filename method."""
+
+    def test_delegates_to_sanitize_filename(self):
+        """Test that normalize_filename delegates to sanitize_filename."""
+        result = OutputProcessor.normalize_filename("file with spaces.txt")
+        expected = OutputProcessor.sanitize_filename("file with spaces.txt")
+        assert result == expected
+
+    def test_parentheses_now_replaced(self):
+        """Test that normalize_filename now also replaces parentheses."""
+        result = OutputProcessor.normalize_filename("file (v2).xlsx")
+        assert result == "file__v2_.xlsx"