paperless-ngx

amorfo77/paperless-ngx

Fork 0

mirror of https://github.com/paperless-ngx/paperless-ngx.git synced 2026-06-30 17:24:22 +00:00

Commit Graph

Author	SHA1	Message	Date
Trenton H	bb860a5834	Fix: Improvements for security around the AI (#12895 ) * Fix: Validate and limit chat question input in ChatStreamingView Add max_length=4000 to ChatStreamingSerializer.q and replace the bare request.data["q"] read with proper serializer.is_valid(raise_exception=True) so oversized or missing questions are rejected with HTTP 400 before reaching the LLM. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * Fix: Add defensive prompt framing to mark document content as untrusted * Also adds a system prompt which is treated higher that this is untrusted stuff --------- Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-06-01 10:03:27 -07:00

Author

SHA1

Message

Date

Trenton H

bb860a5834

Fix: Improvements for security around the AI (#12895 )

* Fix: Validate and limit chat question input in ChatStreamingView

Add max_length=4000 to ChatStreamingSerializer.q and replace the bare
request.data["q"] read with proper serializer.is_valid(raise_exception=True)
so oversized or missing questions are rejected with HTTP 400 before
reaching the LLM.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* Fix: Add defensive prompt framing to mark document content as untrusted

* Also adds a system prompt which is treated higher that this is untrusted stuff

---------

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-06-01 10:03:27 -07:00

1 Commits