From fa8461be9de417a5b84322de116f02157a235a7e Mon Sep 17 00:00:00 2001
From: onekum <55006697+onekum@users.noreply.github.com>
Date: Mon, 10 Apr 2023 09:21:43 -0400
Subject: [PATCH] Restrict browse from accessing local files

---
 scripts/browse.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/scripts/browse.py b/scripts/browse.py
index c15214e7d..4a73d9232 100644
--- a/scripts/browse.py
+++ b/scripts/browse.py
@@ -11,6 +11,10 @@ def scrape_text(url):
     if not url.startswith('http'):
         return "Error: Invalid URL"
     
+    # Restrict access to local files
+    if url.startswith('file://') or url.startswith('file://localhost'):
+        return "Error: Access to local files is restricted"
+    
     try:
         response = requests.get(url, headers=cfg.user_agent_header)
     except requests.exceptions.RequestException as e:
@@ -126,4 +130,4 @@ def summarize_text(text, question):
         max_tokens=300,
     )
 
-    return final_summary
\ No newline at end of file
+    return final_summary