Commit Graph

149 Commits

Author SHA1 Message Date
Ben Busby
b1227bde01
Bump version to 0.3.2 2021-04-02 13:24:11 -04:00
Ben Busby
e2114bc698
Revert heroku app https upgrade fix 2021-04-02 08:53:41 -04:00
Ben Busby
a0110fda8d
Switch to single Fernet key per session
This moves away from the previous (messy) approach of using two separate
keys for decrypting text and element URLs separately and regenerating
them for new searches. The current implementation of sessions is not very
reliable, which lead to keys being regenerated too soon, which would
break page navigation. Until that can be addressed, the single
key per session approach should work a lot better.

Fixes #250

Fixes #90
2021-04-01 00:23:30 -04:00
Ben Busby
86ae2bda3e
Hotfix: Upgrade heroku apps to https for all endpoints
The previous implementation of the is_heroku check in
search.needs_https() was implemented to only match URLs ending in
'.herokuapp.com', and skipped upgrading to HTTPS for other endpoints.
2021-03-31 12:14:38 -04:00
Ben Busby
fb863b5b52
Hotfix: Set EU consent cookie to pending for all requests
See discussion on #243
2021-03-31 09:50:13 -04:00
Ben Busby
9c01c15c39
Allow defining initial config state w/ env vars
This introduces a set of environment variables that can be used for
defining initial config state, to expedite the process of
destroying/relaunching instances quickly with the same settings every
time.

Closes #228

Closes #195
2021-03-28 14:24:57 -04:00
Shimul
9a5b095305
Allow setting environment variables in whoogle.env (#237)
This allows the user to enable their preferred settings in a variety of
ways, depending on their deployment preference. Values added to
whoogle.env can be enabled using WHOOGLE_DOTENV=1, in which case all
values in the env var file will overwrite defaults or user provided
settings.

Co-authored-by: Ben Busby <benbusby@protonmail.com>
2021-03-28 13:27:08 -04:00
Ben Busby
f4a087303d
Improve static typing throughout repo
Eventually this should be part of a separate mypy ci build, but right
now it's just a general guideline. Future commits and PRs should be
validated for static typing wherever possible.

For reference, the testing commands used for this commit were:

mypy --ignore-missing-imports --pretty --disallow-untyped-calls app/
mypy --ignore-missing-imports --pretty --disallow-untyped-calls test/
2021-03-24 15:13:52 -04:00
Shimul
c893f5d7a2
Configure PWA for mobile browsers (#234)
Fix PWA issue for mobile phones
Fix icon loading issue
Update app/static/img/favicon/manifest.json

Co-authored-by: Ben Busby <benbusby@pm.me>
2021-03-22 13:04:29 -04:00
Ben Busby
d81b232248
Re-add search css to results page
The results page search css was removed during the refactor to allow for
user defined css. This adds that back.
2021-03-22 10:59:32 -04:00
Ben Busby
56258a16b0
Return 503 if response is blocked by captcha
Also added in a slight modification to the dark theme style, which
should only apply the border radius in the header.

Closes #226
2021-03-20 21:51:24 -04:00
Ben Busby
c0f4ba99cf
Allow user-defined CSS/theming (#227)
* Add custom CSS field to config

This allows users to set/customize an instance's theme and appearance to
their liking. The config CSS field is prepopulated with all default CSS
variable values to allow quick editing.

Note that this can be somewhat of a "footgun" if someone updates the
CSS to hide all fields/search/etc. Should probably add some sort of
bandaid "admin" feature for public instances to employ until the whole
cookie/session issue is investigated further.

* Symlink all app static files to test dir

* Refactor app/misc/*.json -> app/static/settings/*.json

The country/language json files are used for user config settings, so
the "misc" name didn't really make sense. Also moved these to the static
folder to make testing easier.

* Fix light theme variables in dark theme css

* Minor style tweaking
2021-03-20 21:21:41 -04:00
Shimul
e4299f7a72
Handle manifest-src in CSP (#231) 2021-03-20 19:52:06 -04:00
Ben Busby
ba7493a846
Add healthcheck to Dockerfile
See #184
2021-03-08 12:38:40 -05:00
Ben Busby
d447e5009f
Improve naming of *_utils files, update fn/class doc
The app/utils/*_utils weren't named very well, and all have been updated
to have more accurate names.

Function and class documention for the utils have been updated as well,
as part of the effort to improve overall documentation for the project.
2021-03-08 12:22:04 -05:00
Ben Busby
a1134e7633
Send CSP header in all responses
Introduces a new content security policy header for responses to all
requests to reduce the possibility of ip leaks to outside connections.
By default blocks all inline scripts, and only allows content loaded
from Whoogle.

Refactors a few small inline scripting cases in the project to their own
individual scripts.
2021-03-07 14:04:05 -05:00
Ben Busby
08379efa26
Remove auth req for accessing opensearch
Requiring authentication for accessing the opensearch template prevents
the browser from accessing the file when adding as a default search
engine. This removes the authentication requirement from the opensearch
route, which should never provide any sensitive information anyways.
2021-02-26 11:42:42 -05:00
Ben Busby
6c85468cd6
Allow bang operator anywhere in query
Bang operator can now be placed anywhere in the query, to allow for peak
efficiency in stream of consciousness querying (i.e. `big !reddit
chungus` will search reddit for big chungus`).

Fixes #196
2021-02-20 15:31:15 -05:00
Ben Busby
e066a19411
Ensure G logo doesn't appear in mobile img results
Adds a separate check to remove all images sourced from www.gstatic.com,
which is where the mobile logo in particular is coming from.
2021-02-20 15:04:32 -05:00
Tomasz Borychowski
4bbfc8c8f7 fix 'j' and 'k' inside search input 2021-02-19 22:49:32 +00:00
Ben Busby
3958e607de
Merge branch 'develop' into develop 2021-02-19 12:30:27 -05:00
Roman Štefko
c5fdf84635
Do not autocapitalize on index page search bar (#200) 2021-02-19 12:30:05 -05:00
Tomasz Borychowski
04718099f4 add basic keyboard support 2021-02-14 15:50:53 +00:00
Ben Busby
35b555273c
Merge remote-tracking branch 'origin/main' into develop 2021-02-07 18:56:22 -05:00
Ben Busby
0a6575d219
Hotfix: Move language/country json to app dir
Pip installs of whoogle search were missing access to the misc/ folder,
which previously contained the language and country json files. These
have been moved to app/misc, and the previous root level misc/ was
renamed to config/ (since it now only contains the tor config files).

Bump to 0.3.1.
2021-02-07 18:55:27 -05:00
Ben Busby
01b810b130
Add ability to redirect reddit.com to libredd.it (#180)
* Adds the ability to redirect reddit.com to libredd.it using the existing
 "site alts" config setting.

This adds the WHOOGLE_ALT_RD environment variable for optionally
redirecting reddit links to libreddit
(https://github.com/spikecodes/libreddit).

* Include libreddit in home page site alt note
2021-01-23 17:43:53 -05:00
Ben Busby
329c38efb0
Hotfix: Enforce https in heroku opensearch template
Heroku instances were using the base http url when formatting the
opensearch.xml template. This adds a new routing utility, "needs_https",
which can be used for determining if the url in question needs
upgrading.
2021-01-23 14:50:30 -05:00
Ben Busby
5c69283e80
Hotfix: Add hidden submit btn for nojs searches
With javascript disabled, searches could not be submitted on the results
page using the "Enter" key. Adding a hidden submit button to the header
template resolves this issue.
2021-01-19 11:11:13 -05:00
Ben Busby
406e236666
Bump version to 0.3.0 2021-01-17 23:07:43 -05:00
Ben Busby
440c4e9c50
Remove lxml dependency
The lxml dependency in the project was fairly unnecessary, and made the
initial build time for the project considerably slower. This replaces
all instances of lxml with either the default html parser (for bs4
constructors) or the built in xml.etree package (for search suggestion
parsing).
2020-12-29 18:43:42 -05:00
Ben Busby
2bbc649903
Add support for UPS/USPS/FedEx tracking queries
Introduces a new javascript "utils" file, which includes a check for
matching the query against a set of tracking number regexes on page
load. If a match is found, the script prepends a link to the
(presumably) appropriate tracking page.

Referenced in #98
2020-12-27 18:00:35 -05:00
Ben Busby
6e7ec9918a
Move language/country settings to app config
Moves the language and country dicts from the config model to json files
that are loaded during app init and stored in the app config dict. This
substantially improves the readability of the config model and allows
for much more sensible loading of the language/country options.
2020-12-17 16:42:05 -05:00
Ben Busby
375f4ee9fd
PEP-8: Fix formatting issues, add CI workflow (#161)
Enforces PEP-8 formatting for all python code

Adds a github action build for checking pep8 formatting using pycodestyle
2020-12-17 16:06:47 -05:00
Ziga Zajc
b55aad3fdf
Use #222 for dark mode bg (#159) 2020-12-17 16:03:05 -05:00
Ben Busby
b695179c79
Add ability to collapse "people also ask"
This adds a step in the filter process to wrap the "people also ask"
section in a <details> element, which automatically collapses the
contents of the section. Clicking/tapping the details element expands
the view as normal.

See #113
2020-12-15 11:09:48 -05:00
Ben Busby
3978241d28
Fix black text in dark mode dropdowns
Closes #145
2020-12-15 10:48:29 -05:00
Ben Busby
5b5c2588ed
Fix nojs lxml constructor
The BeautifulSoup constructur in gen_nojs needed to explicitly set
features='lxml' to silence a warning from the library.

Also temporarily disabled the site alts test since the results are too
unreliable. This should be moved to a unit test instead.
2020-12-11 19:21:32 -05:00
Ben Busby
e6db3112f7
Fix pagination bug for pages > 3
The pagination footer on the results page after page 2 has three actions
(beginning, next, previous). The footer filter was updated to remove
items with more than three actions to fix this.

See #131
2020-12-07 20:38:57 -05:00
Ben Busby
6c429e6dd1
Allow setting site alts using environment vars (#155)
* Add ability to configure site alts w/ env vars

Site alternatives (i.e. twitter.com -> nitter.net) can now be configured
using environment variables:

WHOOGLE_ALT_TW='nitter.net' # twitter alt
WHOOGLE_ALT_YT='invidio.us' # youtube alt
WHOOGLE_ALT_IG='bibliogram.art/u' # instagram alt

Updated testing to confirm results have been modified.

* Add site alt vars to docker settings and readme
2020-12-05 17:01:21 -05:00
Ben Busby
44a5da1895
Fix heroku https upgrade, add funding options
Heroku app instances have been notoriously bad at having the instance
automatically upgraded to https. This adds a step in the before request
decorator to always upgrade heroku apps, since they're always deployed
with the certificate, but never configured to upgrade automatically.

Fixes #153
2020-12-05 15:53:42 -05:00
Ben Busby
54109874fb
Move screenshots/branding to separate docs folder 2020-12-04 10:53:12 -05:00
Ben Busby
2d0823b012
Hotfix: Remove mobile subdomain for invidious redirect
See #151
2020-11-28 21:30:58 -05:00
Ben Busby
0afd59056f
Hotfix: update invidious url, remove www from link
The invidious instance has been updated to invidious.snopyta.org, since
this instance is more reliable and has more users according to
instances.invidio.us

All site alternative redirects now redirect without the 'www' subdomain,
since most of the alternative sites don't have this subdomain set up.
2020-11-28 12:15:04 -05:00
Ben Busby
0d0f32d108
Hotfix: update ad filter for portugese config 2020-11-24 13:14:40 -05:00
Ben Busby
a519de90af
Enforce GET-only in opensearch for Chrome
The resolution for enabling full support for search + suggestions in
Chrome is to remove the "method" tag altogether for any Chrome based
browser. Any inclusion of this tag seems to break the search suggestion
feature, and makes the user add the search engine manually.
2020-11-18 10:31:19 -05:00
Ben Busby
72cbc342af Add ability to set temp config in search query
Dark mode, country, interface language, and search language configs
can now be set in the search query by appending each option as a
url parameter.

Supported args are: 'dark', 'lang_search', 'lang_interface', and 'ctry'

Ex: /search?q=%s&dark=1&lang_search=lang_en...

These config settings persist across page navigation and switching
result type, but will be reset if the main search bar is used.

See #144
2020-11-11 00:40:49 -05:00
Ben Busby
f88d1fbb66 Fix main page visibility for noscript users
The body tag of the home page was previously hidden until the page was
finished loading to prevent a flash of unstyled content, but this broke
functionality for users who disallow javascript. This adds in a new
noscript tag to manually enable visibility of the body element, as well
as automatically displaying the config section (since its visibility is
also typically handled by javascript).
2020-11-03 10:41:29 -05:00
bugbounce
1148a7fb8d
Use relative links instead of absolute (#139)
* Use relative links instead of absolute

This allows for hosting under a subpath. For example if you want to host
whoogle at example.com/whoogle, it should work better with a reverse proxy.

* Use relative link for opensearch.xml
2020-10-29 11:09:31 -04:00
Ben Busby
933ce7e068 Handle FF sending bad search suggestion param
Occasionally, Firefox will send the search suggestion
string to the server without a mimetype, resulting in the suggestion
only appearing in Flask's `request.data` field. This field is typically
not used for parsing arguments, as the documentation states:

Contains the incoming request data as string in case it came with a
mimetype Flask does not handle.

This fix captures the bytes object sent to the server and parses it into
a normal query to be used in forming suggestions.
2020-10-28 23:02:41 -04:00
Ben Busby
0ef098069e
Add tor and http/socks proxy support (#137)
* Add tor and http/socks proxy support

Allows users to enable/disable tor from the config menu, which will
forward all requests through Tor.

Also adds support for setting environment variables for alternative
proxy support. Setting the following variables will forward requests
through the proxy:
    - WHOOGLE_PROXY_USER (optional)
    - WHOOGLE_PROXY_PASS (optional)
    - WHOOGLE_PROXY_TYPE (required)
      - Can be "http", "socks4", or "socks5"
    - WHOOGLE_PROXY_LOC  (required)
      - Format: "<ip address>:<port>"

See #30

* Refactor acquire_tor_conn -> acquire_tor_identity

Also updated travis CI to set up tor

* Add check for Tor socket on init, improve Tor error handling

Initializing the app sends a heartbeat request to Tor to check for
availability, and updates the home page config options accordingly. This
heartbeat is sent on every request, to ensure Tor support can be
reconfigured without restarting the entire app.

If Tor support is enabled, and a subsequent request fails, then a new
TorError exception is raised, and the Tor feature is disabled until a
valid connection is restored.

The max attempts has been updated to 10, since 5 seemed a bit too low
for how quickly the attempts go by.

* Change send_tor_signal arg type, update function doc

send_tor_signal now accepts a stem.Signal arg (a bit cleaner tbh). Also
added the doc string for the "disable" attribute in TorError.

* Fix tor identity logic in Request.send

* Update proxy init, change proxyloc var name

Proxy is now only initialized if both type and location are specified,
as neither have a default fallback and both are required. I suppose the
type could fall back to http, but seems safer this way.

Also refactored proxyurl -> proxyloc for the runtime args in order to
match the Dockerfile args.

* Add tor/proxy support for Docker builds, fix opensearch/init

The Dockerfile is now updated to include support for Tor configuration,
with a working torrc file included in the repo.

An issue with opensearch was fixed as well, which was uncovered during
testing and was simple enough to fix here. Likewise, DDG bang gen was
updated to only ever happen if the file didn't exist previously, as
testing with the file being regenerated every time was tedious.

* Add missing "@" for socks proxy requests
2020-10-28 20:47:42 -04:00