fix: Fix SSRF causing arbitrary file read vulnerability

XiaJunjie2020 · XiaJunjie2020 · commit 48589a634b11 · 2026-03-13T18:18:41.000+08:00
diff --git a/backend/apps/db/db.py b/backend/apps/db/db.py
@@ -688,6 +688,7 @@ def check_sql_read(sql: str, ds: CoreDatasource | AssistantOutDsSchema):
 def checkParams(extraParams: str, illegalParams: List[str]):
     kvs = extraParams.split('&')
     for kv in kvs:
-        k, v = kv.split('=')
-        if k in illegalParams:
-            raise HTTPException(status_code=500, detail=f'Illegal Parameter: {k}')
+        if kv and '=' in kv:
+            k, v = kv.split('=')
+            if k in illegalParams:
+                raise HTTPException(status_code=500, detail=f'Illegal Parameter: {k}')
