diff --git a/app/routes.py b/app/routes.py
index d2d446c..b175d77 100644
--- a/app/routes.py
+++ b/app/routes.py
@@ -66,11 +66,7 @@ def before_request_func():
app.user_elements.update({session['uuid']: 0})
# Handle https upgrade
- https_only = os.getenv('HTTPS_ONLY', False)
- is_heroku = request.url.endswith('.herokuapp.com')
- is_http = request.url.startswith('http://')
-
- if (is_heroku and is_http) or (https_only and is_http):
+ if needs_https(request.url):
return redirect(
request.url.replace('http://', 'https://', 1),
code=308)
@@ -80,7 +76,7 @@ def before_request_func():
if not g.user_config.url:
g.user_config.url = request.url_root.replace(
'http://',
- 'https://') if https_only else request.url_root
+ 'https://') if os.getenv('HTTPS_ONLY', False) else request.url_root
g.user_request = Request(
request.headers.get('User-Agent'),
@@ -146,6 +142,10 @@ def opensearch():
if opensearch_url.endswith('/'):
opensearch_url = opensearch_url[:-1]
+ # Enforce https for opensearch template
+ if needs_https(opensearch_url):
+ opensearch_url = opensearch_url.replace('http://', 'https://', 1)
+
get_only = g.user_config.get_only or 'Chrome' in request.headers.get(
'User-Agent')
diff --git a/app/utils/routing_utils.py b/app/utils/routing_utils.py
index 3822d48..55a6253 100644
--- a/app/utils/routing_utils.py
+++ b/app/utils/routing_utils.py
@@ -5,10 +5,19 @@ from bs4 import BeautifulSoup as bsoup
from cryptography.fernet import Fernet, InvalidToken
from flask import g
from typing import Any, Tuple
+import os
TOR_BANNER = '
You are using Tor
'
+def needs_https(url: str) -> bool:
+ https_only = os.getenv('HTTPS_ONLY', False)
+ is_heroku = url.endswith('.herokuapp.com')
+ is_http = url.startswith('http://')
+
+ return (is_heroku and is_http) or (https_only and is_http)
+
+
class RoutingUtils:
def __init__(self, request, config, session, cookies_disabled=False):
method = request.method