refac: AIOHTTP_CLIENT_SESSION_SSL

backend/open_webui/main.py

@@ -380,6 +380,7 @@ from open_webui.env import (
     OFFLINE_MODE,
     ENABLE_OTEL,
     EXTERNAL_PWA_MANIFEST_URL,
+    AIOHTTP_CLIENT_SESSION_SSL,
 )
 
 
@@ -1464,7 +1465,8 @@ async def get_app_latest_release_version(user=Depends(get_verified_user)):
         timeout = aiohttp.ClientTimeout(total=1)
         async with aiohttp.ClientSession(timeout=timeout, trust_env=True) as session:
             async with session.get(
-                "https://api.github.com/repos/open-webui/open-webui/releases/latest"
+                "https://api.github.com/repos/open-webui/open-webui/releases/latest",
+                ssl=AIOHTTP_CLIENT_SESSION_SSL,
             ) as response:
                 response.raise_for_status()
                 data = await response.json()

backend/open_webui/retrieval/web/utils.py

@@ -39,7 +39,7 @@ from open_webui.config import (
     EXTERNAL_WEB_LOADER_URL,
     EXTERNAL_WEB_LOADER_API_KEY,
 )
-from open_webui.env import SRC_LOG_LEVELS
+from open_webui.env import SRC_LOG_LEVELS, AIOHTTP_CLIENT_SESSION_SSL
 
 log = logging.getLogger(__name__)
 log.setLevel(SRC_LOG_LEVELS["RAG"])
@@ -515,7 +515,9 @@ class SafeWebBaseLoader(WebBaseLoader):
                         kwargs["ssl"] = False
 
                     async with session.get(
-                        url, **(self.requests_kwargs | kwargs)
+                        url,
+                        **(self.requests_kwargs | kwargs),
+                        ssl=AIOHTTP_CLIENT_SESSION_SSL,
                     ) as response:
                         if self.raise_for_status:
                             response.raise_for_status()

backend/open_webui/routers/audio.py

@@ -38,6 +38,7 @@ from open_webui.config import (
 
 from open_webui.constants import ERROR_MESSAGES
 from open_webui.env import (
+    AIOHTTP_CLIENT_SESSION_SSL,
     AIOHTTP_CLIENT_TIMEOUT,
     ENV,
     SRC_LOG_LEVELS,
@@ -326,6 +327,7 @@ async def speech(request: Request, user=Depends(get_verified_user)):
                             else {}
                         ),
                     },
+                    ssl=AIOHTTP_CLIENT_SESSION_SSL,
                 ) as r:
                     r.raise_for_status()
 
@@ -381,6 +383,7 @@ async def speech(request: Request, user=Depends(get_verified_user)):
                         "Content-Type": "application/json",
                         "xi-api-key": request.app.state.config.TTS_API_KEY,
                     },
+                    ssl=AIOHTTP_CLIENT_SESSION_SSL,
                 ) as r:
                     r.raise_for_status()
 
@@ -439,6 +442,7 @@ async def speech(request: Request, user=Depends(get_verified_user)):
                         "X-Microsoft-OutputFormat": output_format,
                     },
                     data=data,
+                    ssl=AIOHTTP_CLIENT_SESSION_SSL,
                 ) as r:
                     r.raise_for_status()
 

backend/open_webui/routers/pipelines.py

@@ -18,7 +18,7 @@ from pydantic import BaseModel
 from starlette.responses import FileResponse
 from typing import Optional
 
-from open_webui.env import SRC_LOG_LEVELS
+from open_webui.env import SRC_LOG_LEVELS, AIOHTTP_CLIENT_SESSION_SSL
 from open_webui.config import CACHE_DIR
 from open_webui.constants import ERROR_MESSAGES
 
@@ -89,6 +89,7 @@ async def process_pipeline_inlet_filter(request, payload, user, models):
                     f"{url}/{filter['id']}/filter/inlet",
                     headers=headers,
                     json=request_data,
+                    ssl=AIOHTTP_CLIENT_SESSION_SSL,
                 ) as response:
                     payload = await response.json()
                     response.raise_for_status()
@@ -138,6 +139,7 @@ async def process_pipeline_outlet_filter(request, payload, user, models):
                     f"{url}/{filter['id']}/filter/outlet",
                     headers=headers,
                     json=request_data,
+                    ssl=AIOHTTP_CLIENT_SESSION_SSL,
                 ) as response:
                     payload = await response.json()
                     response.raise_for_status()

backend/open_webui/utils/oauth.py

@@ -41,6 +41,7 @@ from open_webui.config import (
 )
 from open_webui.constants import ERROR_MESSAGES, WEBHOOK_MESSAGES
 from open_webui.env import (
+    AIOHTTP_CLIENT_SESSION_SSL,
     WEBUI_NAME,
     WEBUI_AUTH_COOKIE_SAME_SITE,
     WEBUI_AUTH_COOKIE_SECURE,
@@ -306,7 +307,9 @@ class OAuthManager:
                     "Authorization": f"Bearer {access_token}",
                 }
             async with aiohttp.ClientSession(trust_env=True) as session:
-                async with session.get(picture_url, **get_kwargs) as resp:
+                async with session.get(
+                    picture_url, **get_kwargs, ssl=AIOHTTP_CLIENT_SESSION_SSL
+                ) as resp:
                     if resp.ok:
                         picture = await resp.read()
                         base64_encoded_picture = base64.b64encode(picture).decode(
@@ -371,7 +374,9 @@ class OAuthManager:
                     headers = {"Authorization": f"Bearer {access_token}"}
                     async with aiohttp.ClientSession(trust_env=True) as session:
                         async with session.get(
-                            "https://api.github.com/user/emails", headers=headers
+                            "https://api.github.com/user/emails",
+                            headers=headers,
+                            ssl=AIOHTTP_CLIENT_SESSION_SSL,
                         ) as resp:
                             if resp.ok:
                                 emails = await resp.json()