Do not expose existence of files outside of working directory (#5510)

* reorder for security

* add changeset

* routes

---------

Co-authored-by: gradio-pr-bot <gradio-pr-bot@users.noreply.github.com>

.changeset/nice-flowers-join.md

@@ -0,0 +1,5 @@
+---
+"gradio": minor
+---
+
+feat:Do not expose existence of files outside of working directory

gradio/routes.py

@@ -394,8 +394,6 @@ async def file(path_or_url: str, request: fastapi.Request):
 
             if in_blocklist or is_dotfile or is_dir:
                 raise HTTPException(403, f"File not allowed: {path_or_url}.")
-            if not abs_path.exists():
-                raise HTTPException(404, f"File not found: {path_or_url}.")
 
             in_app_dir = utils.is_in_or_equal(abs_path, app.cwd)
             created_by_app = str(abs_path) in set().union(*blocks.temp_file_sets)
@@ -408,6 +406,9 @@ async def file(path_or_url: str, request: fastapi.Request):
             if not (in_app_dir or created_by_app or in_allowlist or was_uploaded):
                 raise HTTPException(403, f"File not allowed: {path_or_url}.")
 
+            if not abs_path.exists():
+                raise HTTPException(404, f"File not found: {path_or_url}.")
+
             range_val = request.headers.get("Range", "").strip()
             if range_val.startswith("bytes=") and "-" in range_val:
                 range_val = range_val[6:]

test/test_routes.py

@@ -381,6 +381,12 @@ def test_dynamic_file_directory(self, test_client):
         response = test_client.get(r"/file=gradio")
         assert response.status_code == 403
 
+    def test_do_not_expose_existence_of_files_outside_working_directory(
+        self, test_client
+    ):
+        response = test_client.get(r"/file=../fake-file-that-does-not-exist.js")
+        assert response.status_code == 403  # not a 404
+
     def test_mount_gradio_app_raises_error_if_event_queued_but_queue_disabled(self):
         with gr.Blocks() as demo:
             with gr.Row():