From f3b972e57381afc74d9417f802f8ae3c64536f68 Mon Sep 17 00:00:00 2001
From: josephrocca <1167575+josephrocca@users.noreply.github.com>
Date: Mon, 27 May 2024 10:31:29 +0800
Subject: [PATCH 1/8] Fix web url

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index d496d68ed..e96e2f588 100644
--- a/README.md
+++ b/README.md
@@ -18,7 +18,7 @@ One-Click to get a well-designed cross-platform ChatGPT web UI, with GPT3, GPT4
 
 [网页版](https://app.nextchat.dev/) / [客户端](https://github.com/Yidadaa/ChatGPT-Next-Web/releases) / [反馈](https://github.com/Yidadaa/ChatGPT-Next-Web/issues)
 
-[web-url]: https://chatgpt.nextweb.fun
+[web-url]: https://app.nextchat.dev/
 [download-url]: https://github.com/Yidadaa/ChatGPT-Next-Web/releases
 [Web-image]: https://img.shields.io/badge/Web-PWA-orange?logo=microsoftedge
 [Windows-image]: https://img.shields.io/badge/-Windows-blue?logo=windows

From 1d8fd480ca7c75319bf469494d40bb527f2cecf7 Mon Sep 17 00:00:00 2001
From: junxian li-ssslab win10 <ljx.1024@outlook.com>
Date: Fri, 7 Jun 2024 03:28:00 +0800
Subject: [PATCH 2/8] Add new Teracloud domain - Added 'bora.teracloud.jp' to
 the list of supported domains.

---
 app/constant.ts | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/app/constant.ts b/app/constant.ts
index 9f1d87161..411e48150 100644
--- a/app/constant.ts
+++ b/app/constant.ts
@@ -149,7 +149,7 @@ const openaiModels = [
   "gpt-4o",
   "gpt-4o-2024-05-13",
   "gpt-4-vision-preview",
-  "gpt-4-turbo-2024-04-09"
+  "gpt-4-turbo-2024-04-09",
 ];
 
 const googleModels = [
@@ -207,6 +207,7 @@ export const internalAllowedWebDavEndpoints = [
   "https://dav.dropdav.com/",
   "https://dav.box.com/dav",
   "https://nanao.teracloud.jp/dav/",
+  "https://bora.teracloud.jp/dav/",
   "https://webdav.4shared.com/",
   "https://dav.idrivesync.com",
   "https://webdav.yandex.com",

From 163fc9e3a31158b4be8ff25f98a1c905c6eb1afb Mon Sep 17 00:00:00 2001
From: Imamuzzaki Abu Salam <imamuzzaki@gmail.com>
Date: Fri, 14 Jun 2024 08:45:06 +0700
Subject: [PATCH 3/8] fix someone forgot to update license year to 2024

---
 LICENSE | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/LICENSE b/LICENSE
index 542e91f4e..c979e90c0 100644
--- a/LICENSE
+++ b/LICENSE
@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2023 Zhang Yifei
+Copyright (c) 2024 Zhang Yifei
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

From 9b0a7050556bed8d0289aeb9686299c1608b5f3f Mon Sep 17 00:00:00 2001
From: Imamuzzaki Abu Salam <imamuzzaki@gmail.com>
Date: Fri, 14 Jun 2024 09:19:38 +0700
Subject: [PATCH 4/8] Update LICENSE

---
 LICENSE | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/LICENSE b/LICENSE
index c979e90c0..047f9431e 100644
--- a/LICENSE
+++ b/LICENSE
@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2024 Zhang Yifei
+Copyright (c) 2023-2024 Zhang Yifei
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

From 4640060891c85b6619cdaf7b7ee4c0cfc4404170 Mon Sep 17 00:00:00 2001
From: hengstchon <hengstchon@gmail.com>
Date: Fri, 21 Jun 2024 12:05:28 +0200
Subject: [PATCH 5/8] feat: support model: claude-3-5-sonnet-20240620

---
 app/constant.ts | 1 +
 1 file changed, 1 insertion(+)

diff --git a/app/constant.ts b/app/constant.ts
index 411e48150..1ccb1aeb2 100644
--- a/app/constant.ts
+++ b/app/constant.ts
@@ -166,6 +166,7 @@ const anthropicModels = [
   "claude-3-sonnet-20240229",
   "claude-3-opus-20240229",
   "claude-3-haiku-20240307",
+  "claude-3-5-sonnet-20240620",
 ];
 
 export const DEFAULT_MODELS = [

From 9fb8fbcc65c29c74473a13715c05725e2b49065d Mon Sep 17 00:00:00 2001
From: Fred <fred@nextchat.dev>
Date: Mon, 24 Jun 2024 14:31:50 +0800
Subject: [PATCH 6/8] fix: validate the url to avoid SSRF

---
 app/api/webdav/[...path]/route.ts | 20 +++++++++++++++++---
 1 file changed, 17 insertions(+), 3 deletions(-)

diff --git a/app/api/webdav/[...path]/route.ts b/app/api/webdav/[...path]/route.ts
index 816c2046b..01286fc1b 100644
--- a/app/api/webdav/[...path]/route.ts
+++ b/app/api/webdav/[...path]/route.ts
@@ -9,6 +9,14 @@ const mergedAllowedWebDavEndpoints = [
   ...config.allowedWebDevEndpoints,
 ].filter((domain) => Boolean(domain.trim()));
 
+const normalizeUrl = (url: string) => {
+  try {
+    return new URL(url);
+  } catch (err) {
+    return null;
+  }
+};
+
 async function handle(
   req: NextRequest,
   { params }: { params: { path: string[] } },
@@ -24,9 +32,15 @@ async function handle(
 
   // Validate the endpoint to prevent potential SSRF attacks
   if (
-    !mergedAllowedWebDavEndpoints.some(
-      (allowedEndpoint) => endpoint?.startsWith(allowedEndpoint),
-    )
+    !endpoint ||
+    !mergedAllowedWebDavEndpoints.some((allowedEndpoint) => {
+      const normalizedAllowedEndpoint = normalizeUrl(allowedEndpoint);
+      const normalizedEndpoint = normalizeUrl(endpoint as string);
+
+      return normalizedEndpoint &&
+        normalizedEndpoint.hostname === normalizedAllowedEndpoint?.hostname &&
+        normalizedEndpoint.pathname.startsWith(normalizedAllowedEndpoint.pathname);
+    })
   ) {
     return NextResponse.json(
       {

From b972a0d0817e612fe2a1cba398c338bcec7573e6 Mon Sep 17 00:00:00 2001
From: Fred <fred@nextchat.dev>
Date: Mon, 24 Jun 2024 14:45:45 +0800
Subject: [PATCH 7/8] feat: bump version

---
 src-tauri/tauri.conf.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src-tauri/tauri.conf.json b/src-tauri/tauri.conf.json
index ee87d8d15..6230ba41f 100644
--- a/src-tauri/tauri.conf.json
+++ b/src-tauri/tauri.conf.json
@@ -9,7 +9,7 @@
   },
   "package": {
     "productName": "NextChat",
-    "version": "2.12.3"
+    "version": "2.12.4"
   },
   "tauri": {
     "allowlist": {
@@ -112,4 +112,4 @@
       }
     ]
   }
-}
+}
\ No newline at end of file

From 95e3b156c01e51324c32e7be6d818b5ee3f4025f Mon Sep 17 00:00:00 2001
From: fred-bf <157469842+fred-bf@users.noreply.github.com>
Date: Wed, 26 Jun 2024 17:36:14 +0800
Subject: [PATCH 8/8] Update Dockerfile

---
 Dockerfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 51a810fc5..ae9a17cdd 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -43,7 +43,7 @@ COPY --from=builder /app/.next/server ./.next/server
 EXPOSE 3000
 
 CMD if [ -n "$PROXY_URL" ]; then \
-    export HOSTNAME="127.0.0.1"; \
+    export HOSTNAME="0.0.0.0"; \
     protocol=$(echo $PROXY_URL | cut -d: -f1); \
     host=$(echo $PROXY_URL | cut -d/ -f3 | cut -d: -f1); \
     port=$(echo $PROXY_URL | cut -d: -f3); \
@@ -58,7 +58,7 @@ CMD if [ -n "$PROXY_URL" ]; then \
     echo "[ProxyList]" >> $conf; \
     echo "$protocol $host $port" >> $conf; \
     cat /etc/proxychains.conf; \
-    proxychains -f $conf node server.js --host 0.0.0.0; \
+    proxychains -f $conf node server.js; \
     else \
     node server.js; \
     fi