Archives
/
whoogle-search
mirror of https://github.com/benbusby/whoogle-search
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
dependabot/pip/jinja2-3.1.4
dependabot/pip/werkzeug-3.0.3
main
dependabot/pip/idna-3.7
0.2.0
v0.0.1
v0.1.0
v0.1.1
v0.1.2
v0.1.3
v0.1.4
v0.2.1
v0.3.0
v0.3.1
v0.3.2
v0.4.0
v0.4.1
v0.5.0
v0.5.1
v0.5.2
v0.5.3
v0.5.4
v0.6.0
v0.7.0
v0.7.1
v0.7.2
v0.7.3
v0.7.4
v0.8.0
v0.8.1
v0.8.2
v0.8.3
v0.8.4
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '08b16f5a0c'
${ noResults }
whoogle-search/app/__init__.py

181 lines
6.5 KiB
Python
Raw Normal View History Unescape Escape

Add fallback interface/search lang + cleanup Since the interface language defaults to IP geolocation by google, the default language is now set to english. Still not sure if this is the best solution, but at least temporarily should clear up some confusion for users with instances deployed in countries outside of their own. Also performed some minor cleanup: - Updated name of strip_blocked_sites to clean_query - Added clean_query to list of jinja template functions - Ensured site block list doesn't contain duplicate filters
3 years ago
from app.filter import clean_query
Add tor and http/socks proxy support (#137) * Add tor and http/socks proxy support Allows users to enable/disable tor from the config menu, which will forward all requests through Tor. Also adds support for setting environment variables for alternative proxy support. Setting the following variables will forward requests through the proxy: - WHOOGLE_PROXY_USER (optional) - WHOOGLE_PROXY_PASS (optional) - WHOOGLE_PROXY_TYPE (required) - Can be "http", "socks4", or "socks5" - WHOOGLE_PROXY_LOC (required) - Format: "<ip address>:<port>" See #30 * Refactor acquire_tor_conn -> acquire_tor_identity Also updated travis CI to set up tor * Add check for Tor socket on init, improve Tor error handling Initializing the app sends a heartbeat request to Tor to check for availability, and updates the home page config options accordingly. This heartbeat is sent on every request, to ensure Tor support can be reconfigured without restarting the entire app. If Tor support is enabled, and a subsequent request fails, then a new TorError exception is raised, and the Tor feature is disabled until a valid connection is restored. The max attempts has been updated to 10, since 5 seemed a bit too low for how quickly the attempts go by. * Change send_tor_signal arg type, update function doc send_tor_signal now accepts a stem.Signal arg (a bit cleaner tbh). Also added the doc string for the "disable" attribute in TorError. * Fix tor identity logic in Request.send * Update proxy init, change proxyloc var name Proxy is now only initialized if both type and location are specified, as neither have a default fallback and both are required. I suppose the type could fall back to http, but seems safer this way. Also refactored proxyurl -> proxyloc for the runtime args in order to match the Dockerfile args. * Add tor/proxy support for Docker builds, fix opensearch/init The Dockerfile is now updated to include support for Tor configuration, with a working torrc file included in the repo. An issue with opensearch was fixed as well, which was uncovered during testing and was simple enough to fix here. Likewise, DDG bang gen was updated to only ever happen if the file didn't exist previously, as testing with the file being regenerated every time was tedious. * Add missing "@" for socks proxy requests
4 years ago
from app.request import send_tor_signal
Switch to single Fernet key per session This moves away from the previous (messy) approach of using two separate keys for decrypting text and element URLs separately and regenerating them for new searches. The current implementation of sessions is not very reliable, which lead to keys being regenerated too soon, which would break page navigation. Until that can be addressed, the single key per session approach should work a lot better. Fixes #250 Fixes #90
3 years ago
from app.utils.session import generate_user_key
Improve naming of *_utils files, update fn/class doc The app/utils/*_utils weren't named very well, and all have been updated to have more accurate names. Function and class documention for the utils have been updated as well, as part of the effort to improve overall documentation for the project.
3 years ago
from app.utils.bangs import gen_bangs_json
Read `WHOOGLE_CONFIG_DISABLE` var as bool in app init Fixes #636, which pointed out that the var was being interpreted as "active" (config hidden) regardless of the value that was set.
2 years ago
from app.utils.misc import gen_file_hash, read_config_bool
Refactor session behavior, remove `Flask-Session` dep Sessions are no longer validated using the "/session/..." route. This created a lot of problems due to buggy/unexpected behavior coming from the Flask-Session dependency, which is (more or less) no longer maintained. Sessions are also no longer strictly server-side-only. The majority of information that was being stored in user sessions was aesthetic only, aside from the session specific key used to encrypt URLs. This key is still unique per user, but is not (or shouldn't be) in anyone's threat model to keep absolutely 100% private from everyone. Especially paranoid users of Whoogle can easily modify the code to use a randomly generated encryption key that is reset on session invalidation (and set invalidation time to a short enough period for their liking). Ultimately, this should result in much more stable sessions per client. There shouldn't be decryption issues with element URLs or queries during result page navigation.
2 years ago
from base64 import b64encode
Check for updates using 24 hour time delta Rather than only checking for an available update on app init, the check for updates now performs the check once every 24 hours on the first request sent after that period. This also now catches the requests.exceptions.ConnectionError that is thrown if the app is initialized without an active internet connection. Fixes #649
2 years ago
from datetime import datetime, timedelta
Initial commit
4 years ago
from flask import Flask
Move language/country settings to app config Moves the language and country dicts from the config model to json files that are loaded during app init and stored in the app config dict. This substantially improves the readability of the config model and allows for much more sensible loading of the language/country options.
3 years ago
import json
Disable logging from imported modules The logging from imported modules (stem, in particular) has caused quite a few users to assume there are errors where there aren't any. The logs from stem also aren't helpful, as everything in the library works as expected despite the implication from the logs that it is not working.
3 years ago
import logging.config
Initial commit
4 years ago
import os
Add tor and http/socks proxy support (#137) * Add tor and http/socks proxy support Allows users to enable/disable tor from the config menu, which will forward all requests through Tor. Also adds support for setting environment variables for alternative proxy support. Setting the following variables will forward requests through the proxy: - WHOOGLE_PROXY_USER (optional) - WHOOGLE_PROXY_PASS (optional) - WHOOGLE_PROXY_TYPE (required) - Can be "http", "socks4", or "socks5" - WHOOGLE_PROXY_LOC (required) - Format: "<ip address>:<port>" See #30 * Refactor acquire_tor_conn -> acquire_tor_identity Also updated travis CI to set up tor * Add check for Tor socket on init, improve Tor error handling Initializing the app sends a heartbeat request to Tor to check for availability, and updates the home page config options accordingly. This heartbeat is sent on every request, to ensure Tor support can be reconfigured without restarting the entire app. If Tor support is enabled, and a subsequent request fails, then a new TorError exception is raised, and the Tor feature is disabled until a valid connection is restored. The max attempts has been updated to 10, since 5 seemed a bit too low for how quickly the attempts go by. * Change send_tor_signal arg type, update function doc send_tor_signal now accepts a stem.Signal arg (a bit cleaner tbh). Also added the doc string for the "disable" attribute in TorError. * Fix tor identity logic in Request.send * Update proxy init, change proxyloc var name Proxy is now only initialized if both type and location are specified, as neither have a default fallback and both are required. I suppose the type could fall back to http, but seems safer this way. Also refactored proxyurl -> proxyloc for the runtime args in order to match the Dockerfile args. * Add tor/proxy support for Docker builds, fix opensearch/init The Dockerfile is now updated to include support for Tor configuration, with a working torrc file included in the repo. An issue with opensearch was fixed as well, which was uncovered during testing and was simple enough to fix here. Likewise, DDG bang gen was updated to only ever happen if the file didn't exist previously, as testing with the file being regenerated every time was tedious. * Add missing "@" for socks proxy requests
4 years ago
from stem import Signal
Move bangs init to bg thread Initializing the DDG bangs when running whoogle for the first time creates an indeterminate amount of delay before the app becomes usable, which makes usability tests (particularly w/ Docker) unreliable. This moves the bang json init to a background thread and writes a temporary empty dict to the bangs json file until the full bangs json can be used.
2 years ago
import threading
Allow setting environment variables in whoogle.env (#237) This allows the user to enable their preferred settings in a variety of ways, depending on their deployment preference. Values added to whoogle.env can be enabled using WHOOGLE_DOTENV=1, in which case all values in the env var file will overwrite defaults or user provided settings. Co-authored-by: Ben Busby <benbusby@protonmail.com>
3 years ago
from dotenv import load_dotenv
Initial commit
4 years ago
Add proxyfix to honor `X-Forwarded-Proto` header (#731) Fixes #730
2 years ago
from werkzeug.middleware.proxy_fix import ProxyFix
Use `read_config_bool` for vars in app init (#848)
2 years ago
from app.utils.misc import read_config_bool
Switch to PEP517 standard for builds (#887) * Sync setup.cfg with requirements.txt * Include tests in PyPI tarballs And exclude them from setuptools * Set version number only once Switch to PEP517 standard (pyproject.toml) for builds
1 year ago
from app.version import __version__
Use `read_config_bool` for vars in app init (#848)
2 years ago
PEP-8: Fix formatting issues, add CI workflow (#161) Enforces PEP-8 formatting for all python code Adds a github action build for checking pep8 formatting using pycodestyle
3 years ago
app = Flask(__name__, static_folder=os.path.dirname(
os.path.abspath(__file__)) + '/static')
Allow setting environment variables in whoogle.env (#237) This allows the user to enable their preferred settings in a variety of ways, depending on their deployment preference. Values added to whoogle.env can be enabled using WHOOGLE_DOTENV=1, in which case all values in the env var file will overwrite defaults or user provided settings. Co-authored-by: Ben Busby <benbusby@protonmail.com>
3 years ago
Add proxyfix to honor `X-Forwarded-Proto` header (#731) Fixes #730
2 years ago
app.wsgi_app = ProxyFix(app.wsgi_app)
Refactor session behavior, remove `Flask-Session` dep Sessions are no longer validated using the "/session/..." route. This created a lot of problems due to buggy/unexpected behavior coming from the Flask-Session dependency, which is (more or less) no longer maintained. Sessions are also no longer strictly server-side-only. The majority of information that was being stored in user sessions was aesthetic only, aside from the session specific key used to encrypt URLs. This key is still unique per user, but is not (or shouldn't be) in anyone's threat model to keep absolutely 100% private from everyone. Especially paranoid users of Whoogle can easily modify the code to use a randomly generated encryption key that is reset on session invalidation (and set invalidation time to a short enough period for their liking). Ultimately, this should result in much more stable sessions per client. There shouldn't be decryption issues with element URLs or queries during result page navigation.
2 years ago
dot_env_path = (
os.path.join(os.path.dirname(os.path.abspath(__file__)),
'../whoogle.env'))
Allow setting environment variables in whoogle.env (#237) This allows the user to enable their preferred settings in a variety of ways, depending on their deployment preference. Values added to whoogle.env can be enabled using WHOOGLE_DOTENV=1, in which case all values in the env var file will overwrite defaults or user provided settings. Co-authored-by: Ben Busby <benbusby@protonmail.com>
3 years ago
# Load .env file if enabled
Use `read_config_bool` for vars in app init (#848)
2 years ago
if read_config_bool('WHOOGLE_DOTENV'):
Refactor session behavior, remove `Flask-Session` dep Sessions are no longer validated using the "/session/..." route. This created a lot of problems due to buggy/unexpected behavior coming from the Flask-Session dependency, which is (more or less) no longer maintained. Sessions are also no longer strictly server-side-only. The majority of information that was being stored in user sessions was aesthetic only, aside from the session specific key used to encrypt URLs. This key is still unique per user, but is not (or shouldn't be) in anyone's threat model to keep absolutely 100% private from everyone. Especially paranoid users of Whoogle can easily modify the code to use a randomly generated encryption key that is reset on session invalidation (and set invalidation time to a short enough period for their liking). Ultimately, this should result in much more stable sessions per client. There shouldn't be decryption issues with element URLs or queries during result page navigation.
2 years ago
load_dotenv(dot_env_path)
Allow setting environment variables in whoogle.env (#237) This allows the user to enable their preferred settings in a variety of ways, depending on their deployment preference. Values added to whoogle.env can be enabled using WHOOGLE_DOTENV=1, in which case all values in the env var file will overwrite defaults or user provided settings. Co-authored-by: Ben Busby <benbusby@protonmail.com>
3 years ago
Switch to single Fernet key per session This moves away from the previous (messy) approach of using two separate keys for decrypting text and element URLs separately and regenerating them for new searches. The current implementation of sessions is not very reliable, which lead to keys being regenerated too soon, which would break page navigation. Until that can be addressed, the single key per session approach should work a lot better. Fixes #250 Fixes #90
3 years ago
app.default_key = generate_user_key()
Improve cookie security when `HTTPS_ONLY` is set Adds the "Secure" flag and "__Secure-" prefix if the `HTTPS_ONLY` environment variable is enabled. Fixes #539
3 years ago
Use `read_config_bool` for vars in app init (#848)
2 years ago
if read_config_bool('HTTPS_ONLY'):
Improve cookie security when `HTTPS_ONLY` is set Adds the "Secure" flag and "__Secure-" prefix if the `HTTPS_ONLY` environment variable is enabled. Fixes #539
3 years ago
app.config['SESSION_COOKIE_NAME'] = '__Secure-session'
app.config['SESSION_COOKIE_SECURE'] = True
Switch to PEP517 standard for builds (#887) * Sync setup.cfg with requirements.txt * Include tests in PyPI tarballs And exclude them from setuptools * Set version number only once Switch to PEP517 standard (pyproject.toml) for builds
1 year ago
app.config['VERSION_NUMBER'] = __version__
PEP-8: Fix formatting issues, add CI workflow (#161) Enforces PEP-8 formatting for all python code Adds a github action build for checking pep8 formatting using pycodestyle
3 years ago
app.config['APP_ROOT'] = os.getenv(
'APP_ROOT',
os.path.dirname(os.path.abspath(__file__)))
app.config['STATIC_FOLDER'] = os.getenv(
'STATIC_FOLDER',
os.path.join(app.config['APP_ROOT'], 'static'))
Use cache busting for css/js files On app init, short hashes are generated from file checksums to use for cache busting. These hashes are added into the full file name and used to symlink to the actual file contents. These symlinks are loaded in the jinja templates for each page, and can tell the browser to load a new file if the hash changes. This is only in place for css and js files, but can be extended in the future for other file types if needed.
3 years ago
app.config['BUILD_FOLDER'] = os.path.join(
app.config['STATIC_FOLDER'], 'build')
app.config['CACHE_BUSTING_MAP'] = {}
Allow user-defined CSS/theming (#227) * Add custom CSS field to config This allows users to set/customize an instance's theme and appearance to their liking. The config CSS field is prepopulated with all default CSS variable values to allow quick editing. Note that this can be somewhat of a "footgun" if someone updates the CSS to hide all fields/search/etc. Should probably add some sort of bandaid "admin" feature for public instances to employ until the whole cookie/session issue is investigated further. * Symlink all app static files to test dir * Refactor app/misc/*.json -> app/static/settings/*.json The country/language json files are used for user config settings, so the "misc" name didn't really make sense. Also moved these to the static folder to make testing easier. * Fix light theme variables in dark theme css * Minor style tweaking
3 years ago
app.config['LANGUAGES'] = json.load(open(
Use UTF-8 encoding when loading languages json Fixes #371
3 years ago
os.path.join(app.config['STATIC_FOLDER'], 'settings/languages.json'),
encoding='utf-8'))
Allow user-defined CSS/theming (#227) * Add custom CSS field to config This allows users to set/customize an instance's theme and appearance to their liking. The config CSS field is prepopulated with all default CSS variable values to allow quick editing. Note that this can be somewhat of a "footgun" if someone updates the CSS to hide all fields/search/etc. Should probably add some sort of bandaid "admin" feature for public instances to employ until the whole cookie/session issue is investigated further. * Symlink all app static files to test dir * Refactor app/misc/*.json -> app/static/settings/*.json The country/language json files are used for user config settings, so the "misc" name didn't really make sense. Also moved these to the static folder to make testing easier. * Fix light theme variables in dark theme css * Minor style tweaking
3 years ago
app.config['COUNTRIES'] = json.load(open(
Use UTF-8 encoding when loading json files Fixes #581
2 years ago
os.path.join(app.config['STATIC_FOLDER'], 'settings/countries.json'),
encoding='utf-8'))
Support basic localization (#325) * Replace hardcoded strings using translation json file This introduces a new "translations.json" file under app/static/settings that is loaded on app init and uses the user config value for interface language to determine the appropriate strings to use in Whoogle-specific elements of the UI (primarily only on the home page). * Verify interface lang can be used for localization Check the configured interface language against the available localization dict before attempting to use, otherwise fall back to english. Also expanded language names in the languages json file. * Add test for validating translation language keys Also adds Spanish translation to json (the only non-English language I can add and reasonably validate on my own). * Validate all translations against original keyset, update readme Readme has been updated to include basic contributing guidelines for both code and translations.
3 years ago
app.config['TRANSLATIONS'] = json.load(open(
Use UTF-8 encoding when loading json files Fixes #581
2 years ago
os.path.join(app.config['STATIC_FOLDER'], 'settings/translations.json'),
encoding='utf-8'))
Allow theme to mirror user system settings Introduces a new config element and environment variable (WHOOGLE_CONFIG_THEME) for setting the theme of the app. Rather than just having either light or dark, this allows a user to have their instance use their current system light/dark preference to determine the theme to use. As a result, the dark mode setting (and WHOOGLE_CONFIG_DARK) have been deprecated, but will still work as expected until a system theme has been chosen.
3 years ago
app.config['THEMES'] = json.load(open(
Use UTF-8 encoding when loading json files Fixes #581
2 years ago
os.path.join(app.config['STATIC_FOLDER'], 'settings/themes.json'),
encoding='utf-8'))
Use consistent header for all result types (#535) Introduces a header for switching between result types (i.e. "All", "News", etc) that is consistent between the different result types. Previously, image results had a tab header that was formatted in a drastically different manner, which was jarring when switching from a different result page to the Images page. Created a G class enum to reference class names returned in search results. As noted in the class doc, this should only be used/updated as a last resort, as class names change frequently. For some instances, such as replacing the tbm tab, it's a lot easier to just replace by header name than attempting to replace it based on how the element is structured. Also updated a few styles to revert the latest styling changes being applied by Google. Co-authored-by: jacr13 <ramos.joao@protonmail.com> Co-authored-by: Ben Busby <contact@benbusby.com>
2 years ago
app.config['HEADER_TABS'] = json.load(open(
os.path.join(app.config['STATIC_FOLDER'], 'settings/header_tabs.json'),
encoding='utf-8'))
PEP-8: Fix formatting issues, add CI workflow (#161) Enforces PEP-8 formatting for all python code Adds a github action build for checking pep8 formatting using pycodestyle
3 years ago
app.config['CONFIG_PATH'] = os.getenv(
'CONFIG_VOLUME',
os.path.join(app.config['STATIC_FOLDER'], 'config'))
app.config['DEFAULT_CONFIG'] = os.path.join(
app.config['CONFIG_PATH'],
'config.json')
Read `WHOOGLE_CONFIG_DISABLE` var as bool in app init Fixes #636, which pointed out that the var was being interpreted as "active" (config hidden) regardless of the value that was set.
2 years ago
app.config['CONFIG_DISABLE'] = read_config_bool('WHOOGLE_CONFIG_DISABLE')
PEP-8: Fix formatting issues, add CI workflow (#161) Enforces PEP-8 formatting for all python code Adds a github action build for checking pep8 formatting using pycodestyle
3 years ago
app.config['SESSION_FILE_DIR'] = os.path.join(
app.config['CONFIG_PATH'],
'session')
Check file sizes in session dir before validation For pip installed instances of Whoogle, there seems to be an issue where files other than sessions are being stored in the same directory as the sessions. From a brief investigation, this does not seem to be caused by Whoogle, since Flask-Session objects are the only files stored in that directory. It could be an issue with the library that is being used for sessions, however. Regardless, the app shouldn't crash when trying to validate and remove invalid sessions, so a file size limit of 4KB was imposed during validation. Any file found in the session directory that exceeds this size limit will be ignored. Fixes #777 Fixes #793
2 years ago
app.config['MAX_SESSION_SIZE'] = 4000 # Sessions won't exceed 4KB
PEP-8: Fix formatting issues, add CI workflow (#161) Enforces PEP-8 formatting for all python code Adds a github action build for checking pep8 formatting using pycodestyle
3 years ago
app.config['BANG_PATH'] = os.getenv(
'CONFIG_VOLUME',
os.path.join(app.config['STATIC_FOLDER'], 'bangs'))
app.config['BANG_FILE'] = os.path.join(
app.config['BANG_PATH'],
'bangs.json')
Check for updates using 24 hour time delta Rather than only checking for an available update on app init, the check for updates now performs the check once every 24 hours on the first request sent after that period. This also now catches the requests.exceptions.ConnectionError that is thrown if the app is initialized without an active internet connection. Fixes #649
2 years ago
Refactor session behavior, remove `Flask-Session` dep Sessions are no longer validated using the "/session/..." route. This created a lot of problems due to buggy/unexpected behavior coming from the Flask-Session dependency, which is (more or less) no longer maintained. Sessions are also no longer strictly server-side-only. The majority of information that was being stored in user sessions was aesthetic only, aside from the session specific key used to encrypt URLs. This key is still unique per user, but is not (or shouldn't be) in anyone's threat model to keep absolutely 100% private from everyone. Especially paranoid users of Whoogle can easily modify the code to use a randomly generated encryption key that is reset on session invalidation (and set invalidation time to a short enough period for their liking). Ultimately, this should result in much more stable sessions per client. There shouldn't be decryption issues with element URLs or queries during result page navigation.
2 years ago
# Ensure all necessary directories exist
if not os.path.exists(app.config['CONFIG_PATH']):
os.makedirs(app.config['CONFIG_PATH'])
if not os.path.exists(app.config['SESSION_FILE_DIR']):
os.makedirs(app.config['SESSION_FILE_DIR'])
if not os.path.exists(app.config['BANG_PATH']):
os.makedirs(app.config['BANG_PATH'])
if not os.path.exists(app.config['BUILD_FOLDER']):
os.makedirs(app.config['BUILD_FOLDER'])
# Session values
app_key_path = os.path.join(app.config['CONFIG_PATH'], 'whoogle.key')
if os.path.exists(app_key_path):
app.config['SECRET_KEY'] = open(app_key_path, 'r').read()
else:
app.config['SECRET_KEY'] = str(b64encode(os.urandom(32)))
with open(app_key_path, 'w') as key_file:
key_file.write(app.config['SECRET_KEY'])
key_file.close()
app.config['PERMANENT_SESSION_LIFETIME'] = timedelta(days=365)
# NOTE: SESSION_COOKIE_SAMESITE must be set to 'lax' to allow the user's
# previous session to persist when accessing the instance from an external
# link. Setting this value to 'strict' causes Whoogle to revalidate a new
# session, and fail, resulting in cookies being disabled.
app.config['SESSION_COOKIE_SAMESITE'] = 'Lax'
Check for updates using 24 hour time delta Rather than only checking for an available update on app init, the check for updates now performs the check once every 24 hours on the first request sent after that period. This also now catches the requests.exceptions.ConnectionError that is thrown if the app is initialized without an active internet connection. Fixes #649
2 years ago
# Config fields that are used to check for updates
Add "update available" indicator to footer (#517) This checks the latest released version of Whoogle against the current app version, and shows an "update available" message if the current version num < latest release num. Closes #305
3 years ago
app.config['RELEASES_URL'] = 'https://github.com/' \
'benbusby/whoogle-search/releases'
Check for updates using 24 hour time delta Rather than only checking for an available update on app init, the check for updates now performs the check once every 24 hours on the first request sent after that period. This also now catches the requests.exceptions.ConnectionError that is thrown if the app is initialized without an active internet connection. Fixes #649
2 years ago
app.config['LAST_UPDATE_CHECK'] = datetime.now() - timedelta(hours=24)
app.config['HAS_UPDATE'] = ''
Add lingva translation support in search (#360) * Add support for Lingva translations in results Searches that contain the word "translate" and are normal search queries (i.e. not news/images/video/etc) now create an iframe to a Lingva url to translate the user's search using their configured search language. The Lingva url can be configured using the WHOOGLE_ALT_TL env var, or will fall back to the official Lingva instance url (lingva.ml). For more info, visit https://github.com/TheDavidDelta/lingva-translate * Add basic test for lingva results * Allow user specified lingva instances through csp frame-src * Fix pep8 issue
3 years ago
# The alternative to Google Translate is treated a bit differently than other
# social media site alternatives, in that it is used for any translation
# related searches.
Update remaining alternative frontends to use Farside Wikipedia, imgur, and translate alternatives were all still using hardcoded URLs when replaced with their respective alternative frontend. This updates them to use farside instead.
2 years ago
translate_url = os.getenv('WHOOGLE_ALT_TL', 'https://farside.link/lingva')
Add lingva translation support in search (#360) * Add support for Lingva translations in results Searches that contain the word "translate" and are normal search queries (i.e. not news/images/video/etc) now create an iframe to a Lingva url to translate the user's search using their configured search language. The Lingva url can be configured using the WHOOGLE_ALT_TL env var, or will fall back to the official Lingva instance url (lingva.ml). For more info, visit https://github.com/TheDavidDelta/lingva-translate * Add basic test for lingva results * Allow user specified lingva instances through csp frame-src * Fix pep8 issue
3 years ago
if not translate_url.startswith('http'):
translate_url = 'https://' + translate_url
app.config['TRANSLATE_URL'] = translate_url
Send CSP header in all responses Introduces a new content security policy header for responses to all requests to reduce the possibility of ip leaks to outside connections. By default blocks all inline scripts, and only allows content loaded from Whoogle. Refactors a few small inline scripting cases in the project to their own individual scripts.
3 years ago
app.config['CSP'] = 'default-src \'none\';' \
Add lingva translation support in search (#360) * Add support for Lingva translations in results Searches that contain the word "translate" and are normal search queries (i.e. not news/images/video/etc) now create an iframe to a Lingva url to translate the user's search using their configured search language. The Lingva url can be configured using the WHOOGLE_ALT_TL env var, or will fall back to the official Lingva instance url (lingva.ml). For more info, visit https://github.com/TheDavidDelta/lingva-translate * Add basic test for lingva results * Allow user specified lingva instances through csp frame-src * Fix pep8 issue
3 years ago
'frame-src ' + translate_url + ';' \
Handle manifest-src in CSP (#231)
3 years ago
'manifest-src \'self\';' \
Allow 'data:' for img src in app CSP Disallowing base64 images in the app resulted in broken image placeholders for things like pronunciation guides, business reviews, etc.
3 years ago
'img-src \'self\' data:;' \
Send CSP header in all responses Introduces a new content security policy header for responses to all requests to reduce the possibility of ip leaks to outside connections. By default blocks all inline scripts, and only allows content loaded from Whoogle. Refactors a few small inline scripting cases in the project to their own individual scripts.
3 years ago
'style-src \'self\' \'unsafe-inline\';' \
'script-src \'self\';' \
'media-src \'self\';' \
Remove form action from csp Restricting form-action to 'self' in the content security policy prevented Chrome (and likely other browsers) from using !bangs on the home page. Fixes #408
3 years ago
'connect-src \'self\';'
Project refactor (#85) * Major refactor of requests and session management - Switches from pycurl to requests library - Allows for less janky decoding, especially with non-latin character sets - Adds session level management of user configs - Allows for each session to set its own config (people are probably going to complain about this, though not sure if it'll be the same number of people who are upset that their friends/family have to share their config) - Updates key gen/regen to more aggressively swap out keys after each request * Added ability to save/load configs by name - New PUT method for config allows changing config with specified name - New methods in js controller to handle loading/saving of configs * Result formatting and removal of unused elements - Fixed question section formatting from results page (added appropriate padding and made questions styled as italic) - Removed user agent display from main config settings * Minor change to button label * Fixed issue with "de-pickling" of flask session Having a gitignore-everything ("*") file within a flask session folder seems to cause a weird bug where the state of the app becomes unusable from continuously trying to prune files listed in the gitignore (and it can't prune '*'). * Switched to pickling saved configs * Updated ad/sponsored content filter and conf naming Configs are now named with a .conf extension to allow for easier manual cleanup/modification of named config files Sponsored content now removed by basic string matching of span content * Version bump to 0.2.0 * Fixed request.send return style
4 years ago
Refactor session behavior, remove `Flask-Session` dep Sessions are no longer validated using the "/session/..." route. This created a lot of problems due to buggy/unexpected behavior coming from the Flask-Session dependency, which is (more or less) no longer maintained. Sessions are also no longer strictly server-side-only. The majority of information that was being stored in user sessions was aesthetic only, aside from the session specific key used to encrypt URLs. This key is still unique per user, but is not (or shouldn't be) in anyone's threat model to keep absolutely 100% private from everyone. Especially paranoid users of Whoogle can easily modify the code to use a randomly generated encryption key that is reset on session invalidation (and set invalidation time to a short enough period for their liking). Ultimately, this should result in much more stable sessions per client. There shouldn't be decryption issues with element URLs or queries during result page navigation.
2 years ago
# Generate DDG bang filter
Add tor and http/socks proxy support (#137) * Add tor and http/socks proxy support Allows users to enable/disable tor from the config menu, which will forward all requests through Tor. Also adds support for setting environment variables for alternative proxy support. Setting the following variables will forward requests through the proxy: - WHOOGLE_PROXY_USER (optional) - WHOOGLE_PROXY_PASS (optional) - WHOOGLE_PROXY_TYPE (required) - Can be "http", "socks4", or "socks5" - WHOOGLE_PROXY_LOC (required) - Format: "<ip address>:<port>" See #30 * Refactor acquire_tor_conn -> acquire_tor_identity Also updated travis CI to set up tor * Add check for Tor socket on init, improve Tor error handling Initializing the app sends a heartbeat request to Tor to check for availability, and updates the home page config options accordingly. This heartbeat is sent on every request, to ensure Tor support can be reconfigured without restarting the entire app. If Tor support is enabled, and a subsequent request fails, then a new TorError exception is raised, and the Tor feature is disabled until a valid connection is restored. The max attempts has been updated to 10, since 5 seemed a bit too low for how quickly the attempts go by. * Change send_tor_signal arg type, update function doc send_tor_signal now accepts a stem.Signal arg (a bit cleaner tbh). Also added the doc string for the "disable" attribute in TorError. * Fix tor identity logic in Request.send * Update proxy init, change proxyloc var name Proxy is now only initialized if both type and location are specified, as neither have a default fallback and both are required. I suppose the type could fall back to http, but seems safer this way. Also refactored proxyurl -> proxyloc for the runtime args in order to match the Dockerfile args. * Add tor/proxy support for Docker builds, fix opensearch/init The Dockerfile is now updated to include support for Tor configuration, with a working torrc file included in the repo. An issue with opensearch was fixed as well, which was uncovered during testing and was simple enough to fix here. Likewise, DDG bang gen was updated to only ever happen if the file didn't exist previously, as testing with the file being regenerated every time was tedious. * Add missing "@" for socks proxy requests
4 years ago
if not os.path.exists(app.config['BANG_FILE']):
Move bangs init to bg thread Initializing the DDG bangs when running whoogle for the first time creates an indeterminate amount of delay before the app becomes usable, which makes usability tests (particularly w/ Docker) unreliable. This moves the bang json init to a background thread and writes a temporary empty dict to the bangs json file until the full bangs json can be used.
2 years ago
json.dump({}, open(app.config['BANG_FILE'], 'w'))
bangs_thread = threading.Thread(
target=gen_bangs_json,
args=(app.config['BANG_FILE'],))
bangs_thread.start()
Finished basic implementation of DDG bang feature Initialization of the app now includes generation of a ddg-bang json file, which is used for all bang style searches afterwards. Also added search suggestion handling for bang json lookup. Queries beginning with "!" now reference the bang json file to pull all keys that match. Updated test suite to include basic tests for bang functionality. Updated gitignore to exclude bang subdir.
4 years ago
Use cache busting for css/js files On app init, short hashes are generated from file checksums to use for cache busting. These hashes are added into the full file name and used to symlink to the actual file contents. These symlinks are loaded in the jinja templates for each page, and can tell the browser to load a new file if the hash changes. This is only in place for css and js files, but can be extended in the future for other file types if needed.
3 years ago
# Build new mapping of static files for cache busting
cache_busting_dirs = ['css', 'js']
for cb_dir in cache_busting_dirs:
full_cb_dir = os.path.join(app.config['STATIC_FOLDER'], cb_dir)
for cb_file in os.listdir(full_cb_dir):
# Create hash from current file state
full_cb_path = os.path.join(full_cb_dir, cb_file)
cb_file_link = gen_file_hash(full_cb_dir, cb_file)
build_path = os.path.join(app.config['BUILD_FOLDER'], cb_file_link)
Ensure existence of static build dir
3 years ago
try:
os.symlink(full_cb_path, build_path)
except FileExistsError:
# Symlink hasn't changed, ignore
pass
Use cache busting for css/js files On app init, short hashes are generated from file checksums to use for cache busting. These hashes are added into the full file name and used to symlink to the actual file contents. These symlinks are loaded in the jinja templates for each page, and can tell the browser to load a new file if the hash changes. This is only in place for css and js files, but can be extended in the future for other file types if needed.
3 years ago
# Create mapping for relative path urls
map_path = build_path.replace(app.config['APP_ROOT'], '')
if map_path.startswith('/'):
map_path = map_path[1:]
app.config['CACHE_BUSTING_MAP'][cb_file] = map_path
# Templating functions
app.jinja_env.globals.update(clean_query=clean_query)
app.jinja_env.globals.update(
cb_url=lambda f: app.config['CACHE_BUSTING_MAP'][f])
Add tor and http/socks proxy support (#137) * Add tor and http/socks proxy support Allows users to enable/disable tor from the config menu, which will forward all requests through Tor. Also adds support for setting environment variables for alternative proxy support. Setting the following variables will forward requests through the proxy: - WHOOGLE_PROXY_USER (optional) - WHOOGLE_PROXY_PASS (optional) - WHOOGLE_PROXY_TYPE (required) - Can be "http", "socks4", or "socks5" - WHOOGLE_PROXY_LOC (required) - Format: "<ip address>:<port>" See #30 * Refactor acquire_tor_conn -> acquire_tor_identity Also updated travis CI to set up tor * Add check for Tor socket on init, improve Tor error handling Initializing the app sends a heartbeat request to Tor to check for availability, and updates the home page config options accordingly. This heartbeat is sent on every request, to ensure Tor support can be reconfigured without restarting the entire app. If Tor support is enabled, and a subsequent request fails, then a new TorError exception is raised, and the Tor feature is disabled until a valid connection is restored. The max attempts has been updated to 10, since 5 seemed a bit too low for how quickly the attempts go by. * Change send_tor_signal arg type, update function doc send_tor_signal now accepts a stem.Signal arg (a bit cleaner tbh). Also added the doc string for the "disable" attribute in TorError. * Fix tor identity logic in Request.send * Update proxy init, change proxyloc var name Proxy is now only initialized if both type and location are specified, as neither have a default fallback and both are required. I suppose the type could fall back to http, but seems safer this way. Also refactored proxyurl -> proxyloc for the runtime args in order to match the Dockerfile args. * Add tor/proxy support for Docker builds, fix opensearch/init The Dockerfile is now updated to include support for Tor configuration, with a working torrc file included in the repo. An issue with opensearch was fixed as well, which was uncovered during testing and was simple enough to fix here. Likewise, DDG bang gen was updated to only ever happen if the file didn't exist previously, as testing with the file being regenerated every time was tedious. * Add missing "@" for socks proxy requests
4 years ago
# Attempt to acquire tor identity, to determine if Tor config is available
send_tor_signal(Signal.HEARTBEAT)
PEP-8: Fix formatting issues, add CI workflow (#161) Enforces PEP-8 formatting for all python code Adds a github action build for checking pep8 formatting using pycodestyle
3 years ago
from app import routes # noqa
Disable logging from imported modules The logging from imported modules (stem, in particular) has caused quite a few users to assume there are errors where there aren't any. The logs from stem also aren't helpful, as everything in the library works as expected despite the implication from the logs that it is not working.
3 years ago
# Disable logging from imported modules
logging.config.dictConfig({
'version': 1,
'disable_existing_loggers': True,
})