| Age | Commit message (Collapse) | Author |
|---|
|
- Closes: https://github.com/searxng/searxng/issues/3456
|
|
|
|
Previously only result urls were set to open in new tab by default, this should
make the behaviour consistent.
Also adds the missing rel="noreferrer" to the anchor tag. Although this should
not be needed as long as the `referrer-policy: no-referrer` header is set, it's
always nice to play safer than to have to say sorry. For example some reverse
proxy configurations might strip off unwhitelisted headers in which case it's
nice to have this set.
|
|
|
|
|
|
Seems to me svg2jinja added the class in the past .. but no longer in new builds
/ this patch adds the class back by using addAttributesToSVGElement [1].
To test this patch use:
$ ./manage themes.simple
$ cat searx/templates/simple/icons.html
and check `class="ionicon"` is in the outer `<svg ..>` tags.
[1] https://svgo.dev/docs/plugins/add-attributes-to-svg-elements/
[2] https://ionic.io/ionicons
Closes: https://github.com/searxng/searxng/issues/3383
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
* this makes it possible to add SearXNG to iOS devices homescreen with a proper icon
|
|
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
|
|
Co-authored-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
Co-authored-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
Co-authored-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
Before this patch we had a address in the rel-self-template with params [1]:
GET::
<Url method="GET"
rel="self"
template="/opensearch.xml?method=GET&autocomplete=google"
type="application/opensearchdescription+xml"/>
POST::
<Url method="POST"
rel="self"
template="/opensearch.xml?method=POST&autocomplete=google"
type="application/opensearchdescription+xml"/>
The first one (GET) is no longer accepted by firefox since v123, the latter one
was always been wrong (since it mixes GET params with a POST request).
Since Firefox v123 a template syntax [2] in the rel-self-template is no longer
supported / Firefox will report an error::
Firefox could not download the search plugin from:
http://127.0.0.1:8888//opensearch.xml?method=GET&autocomplete=google
This patch reduce the URL to::
template="http://127.0.0.1:8888/opensearch.xml"
[1] https://github.com/dewitt/opensearch/blob/master/opensearch-1-1-draft-6.md#url-rel-values
[2] https://github.com/dewitt/opensearch/blob/master/opensearch-1-1-draft-6.md#opensearch-url-template-syntax
Closes: https://github.com/searxng/searxng/issues/3227
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
|
|
|
|
This right-to-left exception doesn't seem to be called for.
|
|
Make initially hidden and the toggle button consistent.
|
|
This is used, for instance, by the recoll engine.
|
|
|
|
|
|
BTW: remove not needed whitespaces in the generated HTML
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
|
|
|
|
|
|
|
|
Fix #2975
|
|
category select
|
|
|
|
|
|
Replace the on/off checkbox of the vim-hotkeys in the preferences by a drop-down
menu.
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
Co-authored-by: Alexandre Flament <alex@al-f.net>
|
|
|
|
Closes: https://github.com/searxng/searxng/issues/1354
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
|
|
|
|
* this is a small fix to increase the colspan of the category in engine preferences from 7 to 8, since there was a column added
=> fixing a small fallout from 473129031710973e3c02e7178085b751b5e821ed
|
|
|
|
Related: https://github.com/searxng/searxng/commit/2149e88bdd64#r119535272
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
The monolithic implementation of the limiter was divided into methods and
implemented in the Python package searx.botdetection. Detailed documentation on
the methods has been added.
The methods are divided into two groups:
1. Probe HTTP headers
- Method http_accept
- Method http_accept_encoding
- Method http_accept_language
- Method http_connection
- Method http_user_agent
2. Rate limit:
- Method ip_limit
- Method link_token (new)
The (reduced) implementation of the limiter is now in the module
searx.botdetection.limiter. The first group was transferred unchanged to this
module. The ip_limit contains the sliding windows implemented by the limiter so
far.
This merge also fixes some long outstandig issue:
- limiter does not evaluate the Accept-Language correct [1]
- limiter needs a IPv6 prefix to block networks instead of IPs [2]
Without additional configuration the limiter works as before (apart from the
bugfixes). For the commissioning of additional methods (link_toke), a
configuration must be made in an additional configuration file. Without this
configuration, the limiter runs as before (zero configuration).
The ip_limit Method implements the sliding windows of the vanilla limiter,
additionally the link_token method can be used in this method. The link_token
method can be used to investigate whether a request is suspicious. To activate
the link_token method in the ip_limit method add the following to your
/etc/searxng/limiter.toml::
[botdetection.ip_limit]
link_token = true
[1] https://github.com/searxng/searxng/issues/2455
[2] https://github.com/searxng/searxng/issues/2477
|
|
Closes: https://github.com/searxng/searxng/issues/2482
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
HINT: this patch has no functional change / it is the preparation for following
changes and bugfixes
Over the years, the preferences template became an unmanageable beast. To make
the source code more readable the monolith is splitted into elements. The
splitting into elements also has the advantage that a new template can make use
of them.
The reversed checkbox is a quirk that is only used in the prefereces and must be
eliminated in the long term. For this the macro 'checkbox_onoff_reversed' was
added to the preferences.html template. The 'checkbox' macro is also a quirk of
the preferences.html we don't want to use in other templates (it is an
input-checkbox in a HTML form that was misused for status display).
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
In order to be able to meet the outstanding requirements, the implementation is
modularized and supplemented with documentation.
This patch does not contain functional change, except it fixes issue #2455
----
Aktivate limiter in the settings.yml and simulate a bot request by::
curl -H 'Accept-Language: de-DE,en-US;q=0.7,en;q=0.3' \
-H 'Accept: text/html'
-H 'User-Agent: xyz' \
-H 'Accept-Encoding: gzip' \
'http://127.0.0.1:8888/search?q=foo'
In the LOG:
DEBUG searx.botdetection.link_token : missing ping for this request: .....
Since ``BURST_MAX_SUSPICIOUS = 2`` you can repeat the query above two time
before you get a "Too Many Requests" response.
Closes: https://github.com/searxng/searxng/issues/2455
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
By adding a random component in the limiter URL a bot can no longer send a ping
by request a static URL.
Related: https://github.com/searxng/searxng/pull/2357#issuecomment-1518525094
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
If there were no results but errors in the engines then the error dialogs of the
engines was displayed in the result list.
With the new design errors of the engines should only be displayed in the
sidebar and at the same time duplications of the (template) code will be
avoided.
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
* set border top and bottom on sidebar collasables
* inrease peading on summary so its easier to click on mobile
* remove margins and add flex wrapper to normalize elements in sidebar
|
|
Make elements in the sidebar collapse able. Except infoboxes all elements in
the sidebar are collapsed by default.
By folding out the sidebar elements, the UI looks less cluttered. Especially on
small devices like smartphones, where the sidebar is above the results list, the
UX should be improved [1].
[1] https://github.com/searxng/searxng/issues/2140
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
