mirror of
https://github.com/searxng/searxng
synced 2024-11-09 01:10:26 +00:00
1ec325adcc
In order to be able to meet the outstanding requirements, the implementation is modularized and supplemented with documentation. This patch does not contain functional change, except it fixes issue #2455 ---- Aktivate limiter in the settings.yml and simulate a bot request by:: curl -H 'Accept-Language: de-DE,en-US;q=0.7,en;q=0.3' \ -H 'Accept: text/html' -H 'User-Agent: xyz' \ -H 'Accept-Encoding: gzip' \ 'http://127.0.0.1:8888/search?q=foo' In the LOG: DEBUG searx.botdetection.link_token : missing ping for this request: ..... Since ``BURST_MAX_SUSPICIOUS = 2`` you can repeat the query above two time before you get a "Too Many Requests" response. Closes: https://github.com/searxng/searxng/issues/2455 Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
25 lines
599 B
Python
25 lines
599 B
Python
# SPDX-License-Identifier: AGPL-3.0-or-later
|
|
# lint: pylint
|
|
"""
|
|
Method ``http_accept``
|
|
----------------------
|
|
|
|
The ``http_accept`` method evaluates a request as the request of a bot if the
|
|
Accept_ header ..
|
|
|
|
- did not contain ``text/html``
|
|
|
|
.. _Accept:
|
|
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Accept
|
|
|
|
"""
|
|
|
|
from typing import Optional, Tuple
|
|
import flask
|
|
|
|
|
|
def filter_request(request: flask.Request) -> Optional[Tuple[int, str]]:
|
|
if 'text/html' not in request.accept_mimetypes:
|
|
return 429, "bot detected, HTTP header Accept did not contain text/html"
|
|
return None
|