feat: Add configurable CSP image domains via environment variable#1278
Open
yang1002378395-cmyk wants to merge 3 commits intokhoj-ai:masterfrom
Open
feat: Add configurable CSP image domains via environment variable#1278yang1002378395-cmyk wants to merge 3 commits intokhoj-ai:masterfrom
yang1002378395-cmyk wants to merge 3 commits intokhoj-ai:masterfrom
Conversation
added 3 commits
March 15, 2026 00:36
When ChatModel.friendly_name is None, __str__ returns None causing: TypeError: __str__ returned non-string (type NoneType) Fixed by falling back to name field when friendly_name is None.
…loading model When SearchModelConfig.ApiType.LOCAL is set with an embeddings_inference_endpoint, Khoj was still downloading the model from HuggingFace instead of using the API. Changes: - Only load SentenceTransformer locally when ApiType.LOCAL and no endpoint configured - Use OpenAI-compatible API for local endpoints (llama.cpp, vLLM, etc.) - Handle None API key for local servers that don't require authentication Fixes khoj-ai#1253
- Add NEXT_PUBLIC_CSP_IMG_DOMAINS env var for build-time configuration - Add KHOJ_CSP_IMG_DOMAINS env var for runtime hint - Add CSPHeadersMiddleware to pass domains via X-Khoj-CSP-Img-Domains header - Document new env var in docker-compose.yml Fixes khoj-ai#1249
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR adds support for configuring Content-Security-Policy (CSP) image domains via environment variables, addressing the need for users to load images from custom domains (e.g., CDN, external image hosts).
Changes
NEXT_PUBLIC_CSP_IMG_DOMAINSenvironment variable support inlayoutHelper.tsxCSPHeadersMiddlewareto pass domains viaX-Khoj-CSP-Img-Domainsheaderdocker-compose.ymlfor the newKHOJ_CSP_IMG_DOMAINSenv varUsage
Build-time (Docker build)
Runtime (Docker run)
Testing
Fixes #1249
🤖 Generated with Claude Code