From 7690395efe784b80f4e8e66c4e3de131115e1ee2 Mon Sep 17 00:00:00 2001
From: Marcus Widing
Date: Mon, 16 Mar 2026 22:37:34 +0100
Subject: [PATCH] harden avatar URL validation to block root-relative paths
---
 ui/src/ui/views/agents-utils.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ui/src/ui/views/agents-utils.ts b/ui/src/ui/views/agents-utils.ts
index e0c06c41386..1bda0e8daa8 100644
--- a/ui/src/ui/views/agents-utils.ts
+++ b/ui/src/ui/views/agents-utils.ts
@@ -194,7 +194,7 @@ export function normalizeAgentLabel(agent: {
 return agent.name?.trim() || agent.identity?.name?.trim() || agent.id;
 }
 
-const AVATAR_URL_RE = /^(https?:\/\/|data:image\/|\/)/i;
+const AVATAR_URL_RE = /^(https?:\/\/|data:image\/|blob:)/i;
 
 export function resolveAgentAvatarUrl(
 agent: { identity?: { avatar?: string; avatarUrl?: string } },
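Review bot: The new `AVATAR_URL_RE` drops the `/` alternative as the subject says, but it also starts accepting `blob:` values, which the commit message does not mention and no comment explains. If nothing in the UI produces blob URLs for avatars, I would leave that alternative out, `const AVATAR_URL_RE = /^(https?:\/\/|data:image\/)/i;`; if it is needed, a comment above the constant such as `// Allowed avatar sources: absolute http(s), inline image data URIs, and blob: URLs created by <component>; root-relative and protocol-relative paths are rejected on purpose.` would record the intent. Note also that `data:image\/` still matches `data:image/svg+xml`, so how safe this is depends on where `resolveAgentAvatarUrl` puts the value; its body is outside the hunk, so I cannot confirm the sink is an `<img src>`. A small test pinning `/x` and `//host/x` as rejected would keep the hardening from regressing.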