Prevent SSRF risk

backend/danswer/connectors/web/connector.py

@@ -33,6 +33,7 @@
 from danswer.file_processing.html_utils import web_html_cleanup
 from danswer.utils.logger import setup_logger
 from danswer.utils.sitemap import list_pages_for_site
+from shared_configs.configs import MULTI_TENANT
 
 logger = setup_logger()
 
@@ -241,6 +242,12 @@ def __init__(
             self.to_visit_list = extract_urls_from_sitemap(_ensure_valid_url(base_url))
 
         elif web_connector_type == WEB_CONNECTOR_VALID_SETTINGS.UPLOAD:
+            # Explicitly check if running in multi-tenant mode to prevent potential security risks
+            if MULTI_TENANT:
+                raise ValueError(
+                    "Upload input for web connector is not supported in cloud environments"
+                )
+
             logger.warning(
                 "This is not a UI supported Web Connector flow, "
                 "are you sure you want to do this?"