Introducing Gradio Clients
Watch
- Additional Features
- File Access
Security and File Access
Sharing your Gradio app with others (by hosting it on Spaces, on your own server, or through temporary share links) exposes certain files on your machine to the internet.
This guide explains which files are exposed as well as some best practices for making sure the files on your machine are secure.
The Gradio cache%20Copyright%202022%20Fonticons,%20Inc.%20--%3e%3cpath%20d='M172.5%20131.1C228.1%2075.51%20320.5%2075.51%20376.1%20131.1C426.1%20181.1%20433.5%20260.8%20392.4%20318.3L391.3%20319.9C381%20334.2%20361%20337.6%20346.7%20327.3C332.3%20317%20328.9%20297%20339.2%20282.7L340.3%20281.1C363.2%20249%20359.6%20205.1%20331.7%20177.2C300.3%20145.8%20249.2%20145.8%20217.7%20177.2L105.5%20289.5C73.99%20320.1%2073.99%20372%20105.5%20403.5C133.3%20431.4%20177.3%20435%20209.3%20412.1L210.9%20410.1C225.3%20400.7%20245.3%20404%20255.5%20418.4C265.8%20432.8%20262.5%20452.8%20248.1%20463.1L246.5%20464.2C188.1%20505.3%20110.2%20498.7%2060.21%20448.8C3.741%20392.3%203.741%20300.7%2060.21%20244.3L172.5%20131.1zM467.5%20380C411%20436.5%20319.5%20436.5%20263%20380C213%20330%20206.5%20251.2%20247.6%20193.7L248.7%20192.1C258.1%20177.8%20278.1%20174.4%20293.3%20184.7C307.7%20194.1%20311.1%20214.1%20300.8%20229.3L299.7%20230.9C276.8%20262.1%20280.4%20306.9%20308.3%20334.8C339.7%20366.2%20390.8%20366.2%20422.3%20334.8L534.5%20222.5C566%20191%20566%20139.1%20534.5%20108.5C506.7%2080.63%20462.7%2076.99%20430.7%2099.9L429.1%20101C414.7%20111.3%20394.7%20107.1%20384.5%2093.58C374.2%2079.2%20377.5%2059.21%20391.9%2048.94L393.5%2047.82C451%206.731%20529.8%2013.25%20579.8%2063.24C636.3%20119.7%20636.3%20211.3%20579.8%20267.7L467.5%20380z'/%3e%3c/svg%3e)
First, it's important to understand that Gradio copies files to a cache directory before returning them to the frontend. This prevents files from being overwritten by one user while they are still needed by another user of your application. For example, if your prediction function returns a video file, then Gradio will move that video to the cache after your prediction function runs and returns a URL the frontend can use to show the video. Any file in the cache is available via URL to all users of your running application.
Tip: You can customize the location of the cache by setting the `GRADIO_TEMP_DIR` environment variable to an absolute path, such as `/home/usr/scripts/project/temp/`.
The files Gradio will move to the cache
Before placing a file in the cache, Gradio will check to see if the file meets at least one of following criteria:
- It was uploaded by a user.
- It is in the
allowed_pathsparameter of theBlocks.launchmethod. - It is in the current working directory of the python interpreter.
- It is in the temp directory obtained by
tempfile.gettempdir(). - It was specified by the developer before runtime, e.g. cached examples or default values of components.
Note: files in the current working directory whose name starts with a period (.) will not be moved to the cache, since they often contain sensitive information.
If none of these criteria are met, the prediction function that is returning that file will raise an exception instead of moving the file to cache. Gradio performs this check so that arbitrary files on your machine cannot be accessed.
Tip: If at any time Gradio blocks a file that you would like it to process, add its path to the `allowed_paths` parameter.
The files Gradio will allow others to access
In short, these are the files located in the cache and any other additional paths YOU grant access to via allowed_paths or gr.set_static_paths.
-
The
allowed_pathsparameter inlaunch(). This parameter allows you to pass in a list of additional directories or exact filepaths you'd like to allow users to have access to. (By default, this parameter is an empty list). -
Static files that you explicitly set via the
gr.set_static_pathsfunction. This parameter allows you to pass in a list of directories or filenames that will be considered static. This means that they will not be copied to the cache and will be served directly from your computer. This can help save disk space and reduce the time your app takes to launch but be mindful of possible security implications.
The files Gradio will not allow others to access
While running, Gradio apps will NOT ALLOW users to access:
-
Files that you explicitly block via the
blocked_pathsparameter inlaunch(). You can pass in a list of additional directories or exact filepaths to theblocked_pathsparameter inlaunch(). This parameter takes precedence over the files that Gradio exposes by default, or by theallowed_pathsparameter or thegr.set_static_pathsfunction. -
Any other paths on the host machine. Users should NOT be able to access other arbitrary paths on the host.
Uploading Files
Sharing your Gradio application will also allow users to upload files to your computer or server. You can set a maximum file size for uploads to prevent abuse and to preserve disk space. You can do this with the max_file_size parameter of .launch. For example, the following two code snippets limit file uploads to 5 megabytes per file.
import gradio as gr
demo = gr.Interface(lambda x: x, "image", "image")
demo.launch(max_file_size="5mb")
# or
demo.launch(max_file_size=5 * gr.FileSize.MB)Best Practices
- Set a
max_file_sizefor your application. - Do not return arbitrary user input from a function that is connected to a file-based output component (
gr.Image,gr.File, etc.). For example, the following interface would allow anyone to move an arbitrary file in your local directory to the cache:gr.Interface(lambda s: s, "text", "file"). This is because the user input is treated as an arbitrary file path. - Make
allowed_pathsas small as possible. If a path inallowed_pathsis a directory, any file within that directory can be accessed. Make sure the entires ofallowed_pathsonly contains files related to your application. - Run your gradio application from the same directory the application file is located in. This will narrow the scope of files Gradio will be allowed to move into the cache. For example, prefer
python app.pytopython Users/sources/project/app.py.