Fix on vulnerability report

#1695

Author: hacksider

.gitignore

@@ -26,3 +26,4 @@ faceswap/
 .vscode/
 switch_states.json
 /models
+install.bat

modules/processors/frame/core.py

@@ -17,8 +17,17 @@
     'process_video'
 ]
 
+ALLOWED_PROCESSORS = {
+    'face_swapper',
+    'face_enhancer',
+    'face_enhancer_gpen256',
+    'face_enhancer_gpen512'
+}
 
 def load_frame_processor_module(frame_processor: str) -> Any:
+    if frame_processor not in ALLOWED_PROCESSORS:
+        print(f"Frame processor {frame_processor} is not allowed")
+        sys.exit()
     try:
         frame_processor_module = importlib.import_module(f'modules.processors.frame.{frame_processor}')
         for method_name in FRAME_PROCESSORS_INTERFACE:

modules/utilities.py

@@ -15,10 +15,6 @@
 TEMP_FILE = "temp.mp4"
 TEMP_DIRECTORY = "temp"
 
-# monkey patch ssl for mac
-if platform.system().lower() == "darwin":
-    ssl._create_default_https_context = ssl._create_unverified_context
-
 
 def run_ffmpeg(args: List[str]) -> bool:
     """Run ffmpeg with hardware acceleration and optimized settings."""
@@ -286,16 +282,29 @@ def conditional_download(download_directory_path: str, urls: List[str]) -> None:
             download_directory_path, os.path.basename(url)
         )
         if not os.path.exists(download_file_path):
-            request = urllib.request.urlopen(url)  # type: ignore[attr-defined]
-            total = int(request.headers.get("Content-Length", 0))
+            request = urllib.request.Request(url)
+            
+            # Create a specific SSL context for macOS to avoid globally disabling verification
+            ctx = None
+            if platform.system().lower() == "darwin":
+                ctx = ssl._create_unverified_context()
+                
+            response = urllib.request.urlopen(request, context=ctx)
+            total = int(response.headers.get("Content-Length", 0))
             with tqdm(
                 total=total,
                 desc="Downloading",
                 unit="B",
                 unit_scale=True,
                 unit_divisor=1024,
             ) as progress:
-                urllib.request.urlretrieve(url, download_file_path, reporthook=lambda count, block_size, total_size: progress.update(block_size))  # type: ignore[attr-defined]
+                with open(download_file_path, "wb") as f:
+                    while True:
+                        buffer = response.read(8192)
+                        if not buffer:
+                            break
+                        f.write(buffer)
+                        progress.update(len(buffer))
 
 
 def resolve_relative_path(path: str) -> str: