summaryrefslogtreecommitdiff
path: root/searx/webapp.py
diff options
context:
space:
mode:
authorAlexandre Flament <alex@al-f.net>2017-01-20 18:52:47 +0100
committerAlexandre Flament <alex@al-f.net>2017-01-20 18:52:47 +0100
commit15eef0ebdb15af80c026302bef250dc7f4417951 (patch)
treec1e5ab56359ed3f23a17e6721cae1c4fbf6d88af /searx/webapp.py
parent7fdfeca3a43e0e2bd8ef2dcb27cca7745edf596a (diff)
downloadsearxng-15eef0ebdb15af80c026302bef250dc7f4417951.tar.gz
searxng-15eef0ebdb15af80c026302bef250dc7f4417951.zip
[enh] validate input and raise an exception inside search.py. The exception message is output in json and rss format.
Diffstat (limited to 'searx/webapp.py')
-rw-r--r--searx/webapp.py67
1 files changed, 52 insertions, 15 deletions
diff --git a/searx/webapp.py b/searx/webapp.py
index 31d85ff5b..929d9e243 100644
--- a/searx/webapp.py
+++ b/searx/webapp.py
@@ -52,6 +52,7 @@ from flask import (
from flask_babel import Babel, gettext, format_date, format_decimal
from flask.json import jsonify
from searx import settings, searx_dir, searx_debug
+from searx.exceptions import SearxException, SearxParameterException
from searx.engines import (
categories, engines, engine_shortcuts, get_engines_stats, initialize_engines
)
@@ -400,6 +401,33 @@ def pre_request():
request.user_plugins.append(plugin)
+def index_error(output_format, error_message):
+ if output_format == 'json':
+ return Response(json.dumps({'error': error_message}),
+ mimetype='application/json')
+ elif output_format == 'csv':
+ response = Response('', mimetype='application/csv')
+ cont_disp = 'attachment;Filename=searx.csv'
+ response.headers.add('Content-Disposition', cont_disp)
+ return response
+ elif output_format == 'rss':
+ response_rss = render(
+ 'opensearch_response_rss.xml',
+ results=[],
+ q=request.form['q'] if 'q' in request.form else '',
+ number_of_results=0,
+ base_url=get_base_url(),
+ error_message=error_message
+ )
+ return Response(response_rss, mimetype='text/xml')
+ else:
+ # html
+ request.errors.append(gettext('search error'))
+ return render(
+ 'index.html',
+ )
+
+
@app.route('/search', methods=['GET', 'POST'])
@app.route('/', methods=['GET', 'POST'])
def index():
@@ -408,10 +436,19 @@ def index():
Supported outputs: html, json, csv, rss.
"""
+ # output_format
+ output_format = request.form.get('format', 'html')
+ if output_format not in ['html', 'csv', 'json', 'rss']:
+ output_format = 'html'
+
+ # check if there is query
if request.form.get('q') is None:
- return render(
- 'index.html',
- )
+ if output_format == 'html':
+ return render(
+ 'index.html',
+ )
+ else:
+ return index_error(output_format, 'No query'), 400
# search
search_query = None
@@ -421,20 +458,24 @@ def index():
# search = Search(search_query) # without plugins
search = SearchWithPlugins(search_query, request)
result_container = search.search()
- except:
- request.errors.append(gettext('search error'))
+ except Exception as e:
+ # log exception
logger.exception('search error')
- return render(
- 'index.html',
- )
+ # is it an invalid input parameter or something else ?
+ if (issubclass(e.__class__, SearxParameterException)):
+ return index_error(output_format, e.message), 400
+ else:
+ return index_error(output_format, gettext('search error')), 500
+
+ # results
results = result_container.get_ordered_results()
+ number_of_results = result_container.results_number()
+ if number_of_results < result_container.results_length():
+ number_of_results = 0
# UI
advanced_search = request.form.get('advanced_search', None)
- output_format = request.form.get('format', 'html')
- if output_format not in ['html', 'csv', 'json', 'rss']:
- output_format = 'html'
# output
for result in results:
@@ -470,10 +511,6 @@ def index():
else:
result['publishedDate'] = format_date(result['publishedDate'])
- number_of_results = result_container.results_number()
- if number_of_results < result_container.results_length():
- number_of_results = 0
-
if output_format == 'json':
return Response(json.dumps({'query': search_query.query,
'number_of_results': number_of_results,