diff options
26 files changed, 47 insertions, 42 deletions
diff --git a/searx/templates/courgette/base.html b/searx/templates/courgette/base.html index 58957335d..276fae870 100644 --- a/searx/templates/courgette/base.html +++ b/searx/templates/courgette/base.html @@ -5,6 +5,7 @@ <meta name="description" content="Searx - a privacy-respecting, hackable metasearch engine" /> <meta name="keywords" content="searx, search, search engine, metasearch, meta search" /> <meta name="generator" content="searx/{{ searx_version }}"> + <meta name="referrer" content="no-referrer"> <meta name="viewport" content="width=device-width, maximum-scale=1.0, user-scalable=1" /> <title>{% block title %}{% endblock %}searx</title> <link rel="stylesheet" href="{{ url_for('static', filename='css/style.css') }}" type="text/css" media="screen" /> @@ -39,4 +40,4 @@ <script src="{{ url_for('static', filename='js/searx.js') }}" ></script> </div> </body> -</html>
\ No newline at end of file +</html> diff --git a/searx/templates/courgette/result_templates/.code.html.swp b/searx/templates/courgette/result_templates/.code.html.swp Binary files differnew file mode 100644 index 000000000..b262ab703 --- /dev/null +++ b/searx/templates/courgette/result_templates/.code.html.swp diff --git a/searx/templates/courgette/result_templates/code.html b/searx/templates/courgette/result_templates/code.html index 382ce2a56..726f305cb 100644 --- a/searx/templates/courgette/result_templates/code.html +++ b/searx/templates/courgette/result_templates/code.html @@ -1,8 +1,8 @@ <div class="result {{ result.class }}">
- <h3 class="result_title">{% if result['favicon'] %}<img width="14" height="14" class="favicon" src="static/{{theme}}/img/icon_{{result['favicon']}}.ico" alt="{{result['favicon']}}" />{% endif %}<a href="{{ result.url }}">{{ result.title|safe }}</a></h3>
+ <h3 class="result_title">{% if result['favicon'] %}<img width="14" height="14" class="favicon" src="static/{{theme}}/img/icon_{{result['favicon']}}.ico" alt="{{result['favicon']}}" />{% endif %}<a href="{{ result.url }}" rel="noreferrer">{{ result.title|safe }}</a></h3>
{% if result.publishedDate %}<span class="published_date">{{ result.publishedDate }}</span>{% endif %}
<p class="content">{% if result.img_src %}<img src="{{ image_proxify(result.img_src) }}" class="image" />{% endif %}{% if result.content %}{{ result.content|safe }}<br class="last"/>{% endif %}</p>
- {% if result.repository %}<p class="content"><a href="{{ result.repository|safe }}">{{ result.repository }}</a></p>{% endif %}
+ {% if result.repository %}<p class="content"><a href="{{ result.repository|safe }}" rel="noreferrer">{{ result.repository }}</a></p>{% endif %}
<div dir="ltr">
{{ result.codelines|code_highlighter(result.code_language)|safe }}
</div>
diff --git a/searx/templates/courgette/result_templates/default.html b/searx/templates/courgette/result_templates/default.html index f5f5acef7..585ecf3f5 100644 --- a/searx/templates/courgette/result_templates/default.html +++ b/searx/templates/courgette/result_templates/default.html @@ -5,9 +5,9 @@ {% endif %} <div> - <h3 class="result_title"><a href="{{ result.url }}">{{ result.title|safe }}</a></h3> + <h3 class="result_title"><a href="{{ result.url }}" rel="noreferrer">{{ result.title|safe }}</a></h3> {% if result.publishedDate %}<span class="published_date">{{ result.publishedDate }}</span>{% endif %} <p class="content">{% if result.content %}{{ result.content|safe }}<br />{% endif %}</p> <p class="url">{{ result.pretty_url }}‎</p> </div> -</div>
\ No newline at end of file +</div> diff --git a/searx/templates/courgette/result_templates/images.html b/searx/templates/courgette/result_templates/images.html index 7228578e7..87fc7744c 100644 --- a/searx/templates/courgette/result_templates/images.html +++ b/searx/templates/courgette/result_templates/images.html @@ -1,6 +1,6 @@ <div class="image_result"> <p> - <a href="{{ result.img_src }}"><img src="{% if result.thumbnail_src %}{{ image_proxify(result.thumbnail_src) }}{% else %}{{ image_proxify(result.img_src) }}{% endif %}" title="{{ result.title|striptags }}" alt="{{ result.title|striptags }}"/></a> - <span class="url"><a href="{{ result.url }}" class="small_font">{{ _('original context') }}</a></span> + <a href="{{ result.img_src }}" rel="noreferrer"><img src="{% if result.thumbnail_src %}{{ image_proxify(result.thumbnail_src) }}{% else %}{{ image_proxify(result.img_src) }}{% endif %}" title="{{ result.title|striptags }}" alt="{{ result.title|striptags }}"/></a> + <span class="url"><a href="{{ result.url }}" rel="noreferrer" class="small_font">{{ _('original context') }}</a></span> </p> </div> diff --git a/searx/templates/courgette/result_templates/map.html b/searx/templates/courgette/result_templates/map.html index f5f5acef7..585ecf3f5 100644 --- a/searx/templates/courgette/result_templates/map.html +++ b/searx/templates/courgette/result_templates/map.html @@ -5,9 +5,9 @@ {% endif %} <div> - <h3 class="result_title"><a href="{{ result.url }}">{{ result.title|safe }}</a></h3> + <h3 class="result_title"><a href="{{ result.url }}" rel="noreferrer">{{ result.title|safe }}</a></h3> {% if result.publishedDate %}<span class="published_date">{{ result.publishedDate }}</span>{% endif %} <p class="content">{% if result.content %}{{ result.content|safe }}<br />{% endif %}</p> <p class="url">{{ result.pretty_url }}‎</p> </div> -</div>
\ No newline at end of file +</div> diff --git a/searx/templates/courgette/result_templates/torrent.html b/searx/templates/courgette/result_templates/torrent.html index b961eb09b..33b574244 100644 --- a/searx/templates/courgette/result_templates/torrent.html +++ b/searx/templates/courgette/result_templates/torrent.html @@ -2,12 +2,12 @@ {% if "icon_"~result.engine~".ico" in favicons %} <img width="14" height="14" class="favicon" src="{{ url_for('static', filename='img/icons/icon_'+result.engine+'.ico') }}" alt="{{result.engine}}" /> {% endif %} - <h3 class="result_title"><a href="{{ result.url }}">{{ result.title|safe }}</a></h3> + <h3 class="result_title"><a href="{{ result.url }}" rel="noreferrer">{{ result.title|safe }}</a></h3> {% if result.content %}<span class="content">{{ result.content|safe }}</span><br />{% endif %} <span class="stats">{{ _('Seeder') }} : {{ result.seed }}, {{ _('Leecher') }} : {{ result.leech }}</span><br /> <span> {% if result.magnetlink %}<a href="{{ result.magnetlink }}" class="magnetlink">{{ _('magnet link') }}</a>{% endif %} - {% if result.torrentfile %}<a href="{{ result.torrentfile }}" class="torrentfile">{{ _('torrent file') }}</a>{% endif %} + {% if result.torrentfile %}<a href="{{ result.torrentfile }}" class="torrentfile" rel="noreferrer">{{ _('torrent file') }}</a>{% endif %} </span> <p class="url">{{ result.pretty_url }}‎</p> -</div>
\ No newline at end of file +</div> diff --git a/searx/templates/courgette/result_templates/videos.html b/searx/templates/courgette/result_templates/videos.html index 4e0174ba6..ceed8b28f 100644 --- a/searx/templates/courgette/result_templates/videos.html +++ b/searx/templates/courgette/result_templates/videos.html @@ -3,8 +3,8 @@ <img width="14" height="14" class="favicon" src="{{ url_for('static', filename='img/icons/icon_'+result.engine+'.ico') }}" alt="{{result.engine}}" /> {% endif %} - <h3 class="result_title"><a href="{{ result.url }}">{{ result.title|safe }}</a></h3> + <h3 class="result_title"><a href="{{ result.url }}" rel="noreferrer">{{ result.title|safe }}</a></h3> {% if result.publishedDate %}<span class="published_date">{{ result.publishedDate }}</span><br />{% endif %} - <a href="{{ result.url }}"><img width="400" src="{{ image_proxify(result.thumbnail) }}" title="{{ result.title|striptags }}" alt="{{ result.title|striptags }}"/></a> + <a href="{{ result.url }}" rel="noreferrer"><img width="400" src="{{ image_proxify(result.thumbnail) }}" title="{{ result.title|striptags }}" alt="{{ result.title|striptags }}"/></a> <p class="url">{{ result.pretty_url }}‎</p> </div> diff --git a/searx/templates/default/base.html b/searx/templates/default/base.html index fa96d9437..143bdb8d2 100644 --- a/searx/templates/default/base.html +++ b/searx/templates/default/base.html @@ -5,6 +5,7 @@ <meta name="description" content="Searx - a privacy-respecting, hackable metasearch engine" /> <meta name="keywords" content="searx, search, search engine, metasearch, meta search" /> <meta name="generator" content="searx/{{ searx_version }}"> + <meta name="referrer" content="no-referrer"> <meta name="viewport" content="width=device-width, maximum-scale=1.0, user-scalable=1" /> <title>{% block title %}{% endblock %}searx</title> <link rel="stylesheet" href="{{ url_for('static', filename='css/style.css') }}" type="text/css" media="screen" /> diff --git a/searx/templates/default/infobox.html b/searx/templates/default/infobox.html index 50f5e098e..1733f7753 100644 --- a/searx/templates/default/infobox.html +++ b/searx/templates/default/infobox.html @@ -17,7 +17,7 @@ <div class="urls"> <ul> {% for url in infobox.urls %} - <li class="url"><a href="{{ url.url }}">{{ url.title }}</a></li> + <li class="url"><a href="{{ url.url }}" rel="noreferrer">{{ url.title }}</a></li> {% endfor %} </ul> </div> diff --git a/searx/templates/default/result_templates/code.html b/searx/templates/default/result_templates/code.html index 78eda1884..ad1d97e9e 100644 --- a/searx/templates/default/result_templates/code.html +++ b/searx/templates/default/result_templates/code.html @@ -1,9 +1,9 @@ <div class="result {{ result.class }}">
- <h3 class="result_title"> {% if result['favicon'] %}<img width="14" height="14" class="favicon" src="static/{{theme}}/img/icon_{{result['favicon']}}.ico" alt="{{result['favicon']}}" />{% endif %}<a href="{{ result.url }}">{{ result.title|safe }}</a></h3>
- <p class="url">{{ result.pretty_url }}‎ <a class="cache_link" href="https://web.archive.org/web/{{ result.url }}">{{ _('cached') }}</a></p>
+ <h3 class="result_title"> {% if result['favicon'] %}<img width="14" height="14" class="favicon" src="static/{{theme}}/img/icon_{{result['favicon']}}.ico" alt="{{result['favicon']}}" />{% endif %}<a href="{{ result.url }}" rel="noreferrer">{{ result.title|safe }}</a></h3>
+ <p class="url">{{ result.pretty_url }}‎ <a class="cache_link" href="https://web.archive.org/web/{{ result.url }}" rel="noreferrer">{{ _('cached') }}</a></p>
{% if result.publishedDate %}<p class="published_date">{{ result.publishedDate }}</p>{% endif %}
<p class="content">{% if result.img_src %}<img src="{{ image_proxify(result.img_src) }}" class="image" />{% endif %}{% if result.content %}{{ result.content|safe }}<br class="last"/>{% endif %}</p>
- {% if result.repository %}<p class="result-content"><a href="{{ result.repository|safe }}">{{ result.repository }}</a></p>{% endif %}
+ {% if result.repository %}<p class="result-content"><a href="{{ result.repository|safe }}" rel="noreferrer">{{ result.repository }}</a></p>{% endif %}
<div dir="ltr">
{{ result.codelines|code_highlighter(result.code_language)|safe }}
diff --git a/searx/templates/default/result_templates/default.html b/searx/templates/default/result_templates/default.html index 4cbf231f1..89091e280 100644 --- a/searx/templates/default/result_templates/default.html +++ b/searx/templates/default/result_templates/default.html @@ -1,6 +1,6 @@ <div class="result {{ result.class }}"> - <h3 class="result_title">{% if "icon_"~result.engine~".ico" in favicons %}<img width="14" height="14" class="favicon" src="{{ url_for('static', filename='img/icons/icon_'+result.engine+'.ico') }}" alt="{{result.engine}}" />{% endif %}<a href="{{ result.url }}">{{ result.title|safe }}</a></h3> - <p class="url">{{ result.pretty_url }}‎ <a class="cache_link" href="https://web.archive.org/web/{{ result.url }}">{{ _('cached') }}</a> + <h3 class="result_title">{% if "icon_"~result.engine~".ico" in favicons %}<img width="14" height="14" class="favicon" src="{{ url_for('static', filename='img/icons/icon_'+result.engine+'.ico') }}" alt="{{result.engine}}" />{% endif %}<a href="{{ result.url }}" rel="noreferrer">{{ result.title|safe }}</a></h3> + <p class="url">{{ result.pretty_url }}‎ <a class="cache_link" href="https://web.archive.org/web/{{ result.url }}" rel="noreferrer">{{ _('cached') }}</a> {% if result.publishedDate %}<span class="published_date">{{ result.publishedDate }}</span>{% endif %}</p> <p class="content">{% if result.img_src %}<img src="{{ image_proxify(result.img_src) }}" class="image" />{% endif %}{% if result.content %}{{ result.content|safe }}<br class="last"/>{% endif %}</p> </div> diff --git a/searx/templates/default/result_templates/images.html b/searx/templates/default/result_templates/images.html index e06dcc194..d85f841ae 100644 --- a/searx/templates/default/result_templates/images.html +++ b/searx/templates/default/result_templates/images.html @@ -1,6 +1,6 @@ <div class="image_result"> <p> - <a href="{{ result.img_src }}"><img src="{% if result.thumbnail_src %}{{ image_proxify(result.thumbnail_src) }}{% else %}{{ image_proxify(result.img_src) }}{% endif %}" title="{{ result.title|striptags }}" alt="{{ result.title|striptags }}" /></a> - <span class="url"><a href="{{ result.url }}" class="small_font">{{ _('original context') }}</a></span> + <a href="{{ result.img_src }}" rel="noreferrer"><img src="{% if result.thumbnail_src %}{{ image_proxify(result.thumbnail_src) }}{% else %}{{ image_proxify(result.img_src) }}{% endif %}" title="{{ result.title|striptags }}" alt="{{ result.title|striptags }}" /></a> + <span class="url"><a href="{{ result.url }}" rel="noreferrer" class="small_font">{{ _('original context') }}</a></span> </p> </div> diff --git a/searx/templates/default/result_templates/map.html b/searx/templates/default/result_templates/map.html index e2d00f920..d413742e7 100644 --- a/searx/templates/default/result_templates/map.html +++ b/searx/templates/default/result_templates/map.html @@ -5,8 +5,8 @@ {% endif %} <div> - <h3 class="result_title"><a href="{{ result.url }}">{{ result.title|safe }}</a></h3> - <p class="url">{{ result.pretty_url }}‎ <a class="cache_link" href="https://web.archive.org/web/{{ result.url }}">{{ _('cached') }}</a> + <h3 class="result_title"><a href="{{ result.url }}" rel="noreferrer">{{ result.title|safe }}</a></h3> + <p class="url">{{ result.pretty_url }}‎ <a class="cache_link" href="https://web.archive.org/web/{{ result.url }}" rel="noreferrer">{{ _('cached') }}</a> {% if result.publishedDate %}<span class="published_date">{{ result.publishedDate }}</span>{% endif %}</p> <p class="content">{% if result.img_src %}<img src="{{ image_proxify(result.img_src) }}" class="image" />{% endif %}{% if result.content %}{{ result.content|safe }}<br class="last"/>{% endif %}</p> </div> diff --git a/searx/templates/default/result_templates/torrent.html b/searx/templates/default/result_templates/torrent.html index b91babfc6..4b2522ad0 100644 --- a/searx/templates/default/result_templates/torrent.html +++ b/searx/templates/default/result_templates/torrent.html @@ -2,12 +2,12 @@ {% if "icon_"~result.engine~".ico" in favicons %} <img width="14" height="14" class="favicon" src="{{ url_for('static', filename='img/icons/icon_'+result.engine+'.ico') }}" alt="{{result.engine}}" /> {% endif %} - <h3 class="result_title"><a href="{{ result.url }}">{{ result.title|safe }}</a></h3> + <h3 class="result_title"><a href="{{ result.url }}" rel="noreferrer">{{ result.title|safe }}</a></h3> <p class="url">{{ result.pretty_url }}‎</p> {% if result.content %}<p class="content">{{ result.content|safe }}</p>{% endif %} <p> {% if result.magnetlink %}<a href="{{ result.magnetlink }}" class="magnetlink">{{ _('magnet link') }}</a>{% endif %} - {% if result.torrentfile %}<a href="{{ result.torrentfile }}" class="torrentfile">{{ _('torrent file') }}</a>{% endif %} - + {% if result.torrentfile %}<a href="{{ result.torrentfile }}" rel="noreferrer" class="torrentfile">{{ _('torrent file') }}</a>{% endif %} - <span class="stats">{{ _('Seeder') }} : {{ result.seed }}, {{ _('Leecher') }} : {{ result.leech }}</span> </p> </div> diff --git a/searx/templates/default/result_templates/videos.html b/searx/templates/default/result_templates/videos.html index b85b4cf5a..5a377b70f 100644 --- a/searx/templates/default/result_templates/videos.html +++ b/searx/templates/default/result_templates/videos.html @@ -1,6 +1,6 @@ <div class="result"> - <h3 class="result_title">{% if "icon_"~result.engine~".ico" in favicons %}<img width="14" height="14" class="favicon" src="{{ url_for('static', filename='img/icons/icon_'+result.engine+'.ico') }}" alt="{{result.engine}}" />{% endif %}<a href="{{ result.url }}">{{ result.title|safe }}</a></h3> + <h3 class="result_title">{% if "icon_"~result.engine~".ico" in favicons %}<img width="14" height="14" class="favicon" src="{{ url_for('static', filename='img/icons/icon_'+result.engine+'.ico') }}" alt="{{result.engine}}" />{% endif %}<a href="{{ result.url }}" rel="noreferrer">{{ result.title|safe }}</a></h3> {% if result.publishedDate %}<span class="published_date">{{ result.publishedDate }}</span><br />{% endif %} - <a href="{{ result.url }}"><img class="thumbnail" src="{{ image_proxify(result.thumbnail) }}" title="{{ result.title|striptags }}" alt="{{ result.title|striptags }}"/></a> + <a href="{{ result.url }}" rel="noreferrer"><img class="thumbnail" src="{{ image_proxify(result.thumbnail) }}" title="{{ result.title|striptags }}" alt="{{ result.title|striptags }}"/></a> <p class="url">{{ result.url }}‎</p> </div> diff --git a/searx/templates/oscar/base.html b/searx/templates/oscar/base.html index 88eedc994..a799376f5 100644 --- a/searx/templates/oscar/base.html +++ b/searx/templates/oscar/base.html @@ -6,6 +6,7 @@ <meta name="keywords" content="searx, search, search engine, metasearch, meta search" /> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="generator" content="searx/{{ searx_version }}"> + <meta name="referrer" content="no-referrer"> <meta name="viewport" content="width=device-width, initial-scale=1 , maximum-scale=1.0, user-scalable=1" /> {% block meta %}{% endblock %} <title>{% block title %}{% endblock %}searx</title> diff --git a/searx/templates/oscar/infobox.html b/searx/templates/oscar/infobox.html index 1aa2e5c11..2abdbf0ec 100644 --- a/searx/templates/oscar/infobox.html +++ b/searx/templates/oscar/infobox.html @@ -20,7 +20,7 @@ {% if infobox.urls %} <div class="infobox_part"> {% for url in infobox.urls %} - <p class="btn btn-default btn-xs"><a href="{{ url.url }}">{{ url.title }}</a></p> + <p class="btn btn-default btn-xs"><a href="{{ url.url }}" rel="noreferrer">{{ url.title }}</a></p> {% endfor %} </div> {% endif %} diff --git a/searx/templates/oscar/macros.html b/searx/templates/oscar/macros.html index feb9ba942..5866c132c 100644 --- a/searx/templates/oscar/macros.html +++ b/searx/templates/oscar/macros.html @@ -11,15 +11,15 @@ <!-- Draw result header -->
{% macro result_header(result, favicons) -%}
- <h4 class="result_header">{% if result.engine~".png" in favicons %}{{ draw_favicon(result.engine) }} {% endif %}<a href="{{ result.url }}">{{ result.title|safe }}</a></h4>
+ <h4 class="result_header">{% if result.engine~".png" in favicons %}{{ draw_favicon(result.engine) }} {% endif %}<a href="{{ result.url }}" rel="noreferrer">{{ result.title|safe }}</a></h4>
{%- endmacro %}
<!-- Draw result sub header -->
{% macro result_sub_header(result) -%}
{% if result.publishedDate %}<time class="text-muted" datetime="{{ result.pubdate }}" >{{ result.publishedDate }}</time>{% endif %}
- <small><a class="text-info" href="https://web.archive.org/web/{{ result.url }}">{{ icon('link') }} {{ _('cached') }}</a></small>
+ <small><a class="text-info" href="https://web.archive.org/web/{{ result.url }}" rel="noreferrer">{{ icon('link') }} {{ _('cached') }}</a></small>
{% if result.magnetlink %}<small> • <a href="{{ result.magnetlink }}" class="magnetlink">{{ icon('magnet') }} {{ _('magnet link') }}</a></small>{% endif %}
- {% if result.torrentfile %}<small> • <a href="{{ result.torrentfile }}" class="torrentfile">{{ icon('download-alt') }} {{ _('torrent file') }}</a></small>{% endif %}
+ {% if result.torrentfile %}<small> • <a href="{{ result.torrentfile }}" class="torrentfile" rel="noreferrer">{{ icon('download-alt') }} {{ _('torrent file') }}</a></small>{% endif %}
{%- endmacro %}
<!-- Draw result footer -->
diff --git a/searx/templates/oscar/result_templates/code.html b/searx/templates/oscar/result_templates/code.html index 6890c7851..582a2149c 100644 --- a/searx/templates/oscar/result_templates/code.html +++ b/searx/templates/oscar/result_templates/code.html @@ -5,7 +5,7 @@ {% if result.content %}<p class="result-content">{{ result.content|safe }}</p>{% endif %}
-{% if result.repository %}<p class="result-content">{{ icon('file') }} <a href="{{ result.repository|safe }}">{{ result.repository }}</a></p>{% endif %}
+{% if result.repository %}<p class="result-content">{{ icon('file') }} <a href="{{ result.repository|safe }}" rel="noreferrer">{{ result.repository }}</a></p>{% endif %}
<div dir="ltr">
{{ result.codelines|code_highlighter(result.code_language)|safe }}
diff --git a/searx/templates/oscar/result_templates/images.html b/searx/templates/oscar/result_templates/images.html index 3f39ca6da..1bfff0a1a 100644 --- a/searx/templates/oscar/result_templates/images.html +++ b/searx/templates/oscar/result_templates/images.html @@ -1,6 +1,6 @@ {% from 'oscar/macros.html' import draw_favicon %}
-<a href="{{ result.img_src }}" data-toggle="modal" data-target="#modal-{{ index }}">
+<a href="{{ result.img_src }}" rel="noreferrer" data-toggle="modal" data-target="#modal-{{ index }}">
<img src="{% if result.thumbnail_src %}{{ image_proxify(result.thumbnail_src) }}{% else %}{{ image_proxify(result.img_src) }}{% endif %}" alt="{{ result.title|striptags }}" title="{{ result.title|striptags }}" class="img-thumbnail">
</a>
@@ -20,8 +20,8 @@ <span class="label label-default pull-right">{{ result.engine }}</span>
<p class="text-muted pull-left">{{ result.pretty_url }}</p>
<div class="clearfix"></div>
- <a href="{{ result.img_src }}" class="btn btn-default">{{ _('Get image') }}</a>
- <a href="{{ result.url }}" class="btn btn-default">{{ _('View source') }}</a>
+ <a href="{{ result.img_src }}" rel="noreferrer" class="btn btn-default">{{ _('Get image') }}</a>
+ <a href="{{ result.url }}" rel="noreferrer" class="btn btn-default">{{ _('View source') }}</a>
</div>
</div>
</div>
diff --git a/searx/templates/oscar/result_templates/videos.html b/searx/templates/oscar/result_templates/videos.html index ddf2894ac..af4841453 100644 --- a/searx/templates/oscar/result_templates/videos.html +++ b/searx/templates/oscar/result_templates/videos.html @@ -15,7 +15,7 @@ <div class="container-fluid">
<div class="row">
- <a href="{{ result.url }}"><img class="thumbnail col-xs-6 col-sm-4 col-md-4 result-content" src="{{ image_proxify(result.thumbnail) }}" alt="{{ result.title|striptags }} {{ result.engine }}" /></a>
+ <a href="{{ result.url }}" rel="noreferrer"><img class="thumbnail col-xs-6 col-sm-4 col-md-4 result-content" src="{{ image_proxify(result.thumbnail) }}" alt="{{ result.title|striptags }} {{ result.engine }}" /></a>
{% if result.content %}<p class="col-xs-12 col-sm-8 col-md-8 result-content">{{ result.content|safe }}</p>{% endif %}
</div>
</div>
diff --git a/searx/templates/pix-art/base.html b/searx/templates/pix-art/base.html index 23bcf44e3..578180c84 100644 --- a/searx/templates/pix-art/base.html +++ b/searx/templates/pix-art/base.html @@ -5,6 +5,7 @@ <meta name="description" content="Searx - a privacy-respecting, hackable metasearch engine" /> <meta name="keywords" content="searx, search, search engine, metasearch, meta search" /> <meta name="generator" content="searx/{{ searx_version }}"> + <meta name="referrer" content="no-referrer"> <meta name="viewport" content="width=device-width, maximum-scale=1.0, user-scalable=1" /> <title>{% block title %}{% endblock %}searx</title> <link rel="stylesheet" href="{{ url_for('static', filename='css/style.css') }}" type="text/css" media="screen" /> diff --git a/searx/templates/pix-art/result_templates/default.html b/searx/templates/pix-art/result_templates/default.html index 60ff502c8..ada81e5a3 100644 --- a/searx/templates/pix-art/result_templates/default.html +++ b/searx/templates/pix-art/result_templates/default.html @@ -1,6 +1,7 @@ -<a href="{{ result.url }}" title="{{ result.title | striptags }}"> +<a href="{{ result.url }}" title="{{ result.title | striptags }}" rel="noreferrer"> <canvas id="canvas-{{ pageno }}-{{ index }}" class="icon" width="16" height="16"></canvas> </a> <script type="text/javascript"> favicons[{{ pageno }}][{{ index }}] = 'http://{{ result.url | extract_domain }}/favicon.ico'; -</script>
\ No newline at end of file +</script> + diff --git a/searx/templates/pix-art/result_templates/images.html b/searx/templates/pix-art/result_templates/images.html index e06dcc194..d85f841ae 100644 --- a/searx/templates/pix-art/result_templates/images.html +++ b/searx/templates/pix-art/result_templates/images.html @@ -1,6 +1,6 @@ <div class="image_result"> <p> - <a href="{{ result.img_src }}"><img src="{% if result.thumbnail_src %}{{ image_proxify(result.thumbnail_src) }}{% else %}{{ image_proxify(result.img_src) }}{% endif %}" title="{{ result.title|striptags }}" alt="{{ result.title|striptags }}" /></a> - <span class="url"><a href="{{ result.url }}" class="small_font">{{ _('original context') }}</a></span> + <a href="{{ result.img_src }}" rel="noreferrer"><img src="{% if result.thumbnail_src %}{{ image_proxify(result.thumbnail_src) }}{% else %}{{ image_proxify(result.img_src) }}{% endif %}" title="{{ result.title|striptags }}" alt="{{ result.title|striptags }}" /></a> + <span class="url"><a href="{{ result.url }}" rel="noreferrer" class="small_font">{{ _('original context') }}</a></span> </p> </div> diff --git a/searx/tests/test_webapp.py b/searx/tests/test_webapp.py index 32eff5fa5..471ec2f2d 100644 --- a/searx/tests/test_webapp.py +++ b/searx/tests/test_webapp.py @@ -47,7 +47,7 @@ class ViewsTestCase(SearxTestCase): def test_index_html(self): result = self.app.post('/', data={'q': 'test'}) self.assertIn( - '<h3 class="result_title"><img width="14" height="14" class="favicon" src="/static/themes/default/img/icons/icon_youtube.ico" alt="youtube" /><a href="http://second.test.xyz">Second <span class="highlight">Test</span></a></h3>', # noqa + '<h3 class="result_title"><img width="14" height="14" class="favicon" src="/static/themes/default/img/icons/icon_youtube.ico" alt="youtube" /><a href="http://second.test.xyz" rel="noreferrer">Second <span class="highlight">Test</span></a></h3>', # noqa result.data ) self.assertIn( |