fix: Enhance cross-platform path parsing and public image access

[Cristhianzl]

This pull request improves the cross-platform compatibility and security of file path handling in the storage service, and strengthens the testing of image download endpoints. The most significant changes include refactoring path parsing to robustly support Windows and Unix-style paths, ensuring the /images endpoint does not require authentication (critical for browser compatibility), and adding comprehensive tests for both functionalities.

Path handling improvements:

• Refactored LocalStorageService.parse_file_path to use pathlib.Path for robust, cross-platform path parsing, ensuring correct behavior on both Windows and Unix systems, and normalizing slashes for consistency. [1] [2]
• Added new and expanded tests for parse_file_path covering Windows-style paths, mixed slashes, edge cases, and deeply nested paths to ensure reliability across different platforms and scenarios.

Image download endpoint changes:

• Updated the /images endpoint to explicitly not require authentication, with clear documentation explaining the security rationale (UUID-based obscurity) and browser compatibility needs.
• Added a suite of regression and feature tests to guarantee that the /images endpoint remains public, returns correct content types, rejects non-image files, and handles invalid flow IDs gracefully.

General improvements:

• Improved imports and test setup for clarity and maintainability. [1] [2]

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch release-1.7.2

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

Frontend Unit Test Coverage Report

Coverage Summary

Lines	Statements	Branches	Functions
	15.62% (4292/27461)	8.74% (1840/21036)	9.85% (596/6048)

Unit Test Results

Tests	Skipped	Failures	Errors	Time
1706	0 💤	0 ❌	0 🔥	21.403s ⏱️

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 33.28%. Comparing base (6aa9178) to head (c867670).

❌ Your project check has failed because the head coverage (39.96%) is below the target coverage (60.00%). You can increase the head coverage or adjust the target coverage.

Additional details and impacted files

@@                Coverage Diff                @@
##           release-1.7.1   #11152      +/-   ##
=================================================
+ Coverage          33.22%   33.28%   +0.06%     
=================================================
  Files               1370     1370              
  Lines              64073    64077       +4     
  Branches            9418     9418              
=================================================
+ Hits               21287    21330      +43     
+ Misses             41735    41696      -39     
  Partials            1051     1051              

Flag	Coverage Δ
backend	53.41% <100.00%> (+0.18%)	⬆️
frontend	14.48% <100.00%> (+0.03%)	⬆️
lfx	39.96% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines	Coverage Δ
src/backend/base/langflow/api/v1/files.py	75.30% <100.00%> (+8.43%)	⬆️
...rc/backend/base/langflow/services/storage/local.py	87.75% <100.00%> (+0.52%)	⬆️
.../chatView/fileComponent/utils/format-file-name.tsx	100.00% <100.00%> (+100.00%)	⬆️

... and 8 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.