fix: 支持 HTTP 协议和内网地址访问，修复聊天 URL 缺协议前缀问题

- validate_public_url 默认允许 http 和 https 协议
- 移除 _is_forbidden_ip_address 中 is_private 和 is_site_local 拦截，允许内网 IP
- validate_public_url 中无 scheme 时自动补全 http://
- normalize_openai_base_url 中无协议前缀时自动补全 http://
- pyproject.toml 添加 httpx[socks] 依赖以支持 SOCKS 代理

pyproject.toml

@@ -15,7 +15,7 @@ dependencies = [
     "faiss-cpu>=1.11.0",
     "fastapi>=0.116.0",
     "google-genai>=1.39.1",
-    "httpx",
+    "httpx[socks]",
     "jieba>=0.42.1",
     "json-repair>=0.47.6",
     "maim-message>=0.6.2",

src/llm_models/openai_compat.py

@@ -26,12 +26,17 @@ class OpenAICompatibleRequestOverrides:
 def normalize_openai_base_url(base_url: str) -> str:
     """规范化 OpenAI 兼容接口的基础地址。
 
+    去掉尾部斜杠，且如果缺少协议前缀则自动补全 http://。
+
     Args:
         base_url: 原始基础地址。
 
     Returns:
-        str: 去掉尾部斜杠后的地址。
+        str: 规范化后的地址。
     """
+    base_url = base_url.strip()
+    if base_url and "://" not in base_url:
+        base_url = "http://" + base_url
     return base_url.rstrip("/")
 
 

src/webui/utils/network_security.py

@@ -31,19 +31,19 @@ def _is_forbidden_ip_address(address: ipaddress.IPv4Address | ipaddress.IPv6Addr
             address.is_loopback,
             address.is_link_local,
             address.is_multicast,
-            address.is_private,
             address.is_reserved,
             address.is_unspecified,
-            getattr(address, "is_site_local", False),
         )
     )
 
 
-def validate_public_url(url: str, allowed_schemes: Iterable[str] = ("https",)) -> str:
+def validate_public_url(url: str, allowed_schemes: Iterable[str] = ("http", "https")) -> str:
     normalized_url = url.strip()
     if not normalized_url:
         raise ValueError("URL 不能为空")
 
+    if "://" not in normalized_url:
+        normalized_url = "http://" + normalized_url
     parsed = urlparse(normalized_url)
     allowed_scheme_set = {scheme.lower() for scheme in allowed_schemes}
     if parsed.scheme.lower() not in allowed_scheme_set: