
@laipz8200
Member

Important

  1. Make sure you have read our contribution guidelines
  2. Ensure there is an associated issue and you have been assigned to it
  3. Use the correct syntax to link this PR: Fixes #<issue number>.

Summary

Fixes #30089

  • Force HTML uploads to download with safe headers in file preview responses.
  • Share HTML detection logic across preview controllers.

Screenshots

Before: N/A
After: N/A

Checklist

  • This change requires a documentation update, included: Dify Document
  • I understand that this PR may be closed in case there was no previous discussion or issues. (This doesn't apply to typos!)
  • I've added a test for each change that was introduced, and I tried as much as possible to make a single atomic change.
  • I've updated the documentation accordingly.
  • I ran dev/reformat (backend) and cd web && npx lint-staged (frontend) to appease the lint gods

@gemini-code-assist
Contributor

Summary of Changes

Hello @laipz8200, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the security posture of the application by preventing the direct rendering of potentially unsafe HTML content when users attempt to preview files. By centralizing the detection of HTML files and enforcing their download with appropriate security headers, the system reduces the risk of cross-site scripting (XSS) and other browser-based vulnerabilities. This change ensures a safer user experience without impacting the preview functionality of other file types.

Highlights

  • Enhanced Security for HTML Previews: Implemented a mechanism to force HTML files to download rather than render directly in the browser when accessed via file preview endpoints. This mitigates potential security risks associated with malicious HTML content.
  • Centralized HTML Detection Logic: Introduced a new utility module (file_response.py) to centralize the logic for detecting HTML content based on MIME type, filename, or extension. This promotes code reusability and consistency across different file preview controllers.
  • Standardized Download Headers: When HTML content is detected, specific HTTP headers (Content-Disposition: attachment, Content-Type: application/octet-stream, X-Content-Type-Options: nosniff) are now applied to ensure the browser downloads the file and does not attempt to interpret it as executable content.
  • Integration Across Preview Controllers: The new HTML download enforcement logic has been integrated into the image_preview, tool_files, and file_preview controllers, ensuring consistent behavior for all relevant file types.
  • Comprehensive Unit Tests: New unit tests have been added for the HTML detection and download enforcement utilities, and an existing test suite was updated to include a specific test case for HTML files forcing attachment, ensuring the new functionality works as expected.

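As an added illustration of the mechanism summarized above (this is not Dify's own file_response.py; the function names, the sets of HTML MIME types and extensions, and the plain dict standing in for a Flask response's headers are assumptions), the following Python detects HTML by MIME type, filename or extension and rewrites the preview response headers so the browser downloads the file instead of rendering it:

```python
# Added example, not Dify's file_response.py. Detects HTML uploads by MIME
# type, filename or extension and forces the preview response to download.
from pathlib import PurePosixPath

# Assumed sets; a real implementation may recognise more variants.
HTML_MIME_TYPES = {"text/html", "application/xhtml+xml"}
HTML_EXTENSIONS = {".html", ".htm", ".xhtml"}


def is_html_content(mime_type=None, filename=None, extension=None) -> bool:
    """Return True if any supplied hint says the file is HTML.

    Each hint is checked independently: a file uploaded with a harmless
    MIME type but an .html filename is still treated as HTML.
    """
    if mime_type:
        # Drop parameters such as "; charset=utf-8" before comparing.
        base = mime_type.split(";", 1)[0].strip().lower()
        if base in HTML_MIME_TYPES:
            return True
    if filename and PurePosixPath(filename).suffix.lower() in HTML_EXTENSIONS:
        return True
    if extension:
        ext = extension.lower()
        if not ext.startswith("."):
            ext = "." + ext
        if ext in HTML_EXTENSIONS:
            return True
    return False


def enforce_download_for_html(headers: dict, mime_type=None,
                              filename=None, extension=None) -> dict:
    """Mutate and return the response headers (a plain dict here).

    For HTML content the three headers from the PR are applied: the file is
    served as an attachment, with a non-renderable content type, and with
    MIME sniffing disabled so the browser cannot decide it is HTML anyway.
    Non-HTML responses are left untouched.
    """
    if is_html_content(mime_type, filename, extension):
        headers["Content-Disposition"] = "attachment"
        headers["Content-Type"] = "application/octet-stream"
        headers["X-Content-Type-Options"] = "nosniff"
    return headers


if __name__ == "__main__":
    # Constructed sample: a preview response for an uploaded HTML file.
    print(enforce_download_for_html({"Content-Type": "text/html"},
                                    mime_type="text/html", filename="page.html"))
```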

@gemini-code-assist gemini-code-assist bot left a comment

Code Review

This pull request introduces a crucial security fix by forcing HTML file previews to be downloaded as attachments, mitigating potential XSS vulnerabilities. The implementation is well-executed, centralizing the detection and enforcement logic into a new file_response.py module and applying it across various endpoints. The addition of unit tests is also commendable. I have a couple of suggestions to further improve test coverage and enhance the robustness of the implementation.

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
@laipz8200 laipz8200 marked this pull request as ready for review December 24, 2025 08:05
@dosubot dosubot bot added the size:L This PR changes 100-499 lines, ignoring generated files. label Dec 24, 2025
QuantumGhost
QuantumGhost previously approved these changes Dec 24, 2025
@dosubot dosubot bot added the lgtm This PR has been approved by a maintainer label Dec 24, 2025
@laipz8200 laipz8200 merged commit 1ebc178 into main Dec 25, 2025
27 checks passed
@laipz8200 laipz8200 deleted the block-html-preview branch December 25, 2025 03:43

Development

Successfully merging this pull request may close these issues.

HTML previews should download instead of rendering inline