Setting `WHOOGLE_TOR_FF` will attempt to modify the existing torrc file
with the "FascistFirewall 1" config, which restricts outbound ports to
reachable values.
Fixes#907
Moved the cleaner functions to app/utils/escaper.py
Removed unused import 're'
Moved the cleaner functionalities to the "search.py" and "routes.py"
Making sure escaped chars stay escaped during process
Replaced "<" and ">" with "andlt;" and "andgt;", respectively. This way,
when the 'response' object get loaded to bsoup (which happens several times
throughout the process between search.py and routes.py), bsoup will not
unescape them.
Introduces the ability to refine searches by time period:
- Past hour
- Past 24 hours
- Past week
- Past month
- Past year
Co-authored-by: Ben Busby <contact@benbusby.com>
Still a manual process, but better than updating the json line by line.
I'm undecided on automating this anytime the translation json gets
updated, since it could possibly ratelimit lingva instances.
Proxies that only support HTTP were causing request timeouts due to an
invalid upgrade to HTTPS when creating the request. This update restores
the ability to have an HTTP-only proxy for all requests.
Fixes#906
Parent sites using a 'www' subdomain or something similar were not
redirecting properly. This updates the hostname check to only validate
against the primary domain, except for Wikipedia since the subdomain is
used for interface translation in that case.
Fixes#901
Replacing result links and text when site alts are enabled is now part
of its own function, and handles replacement of link location and link
description separately.
Fixes#880
This can be updated later to allow users with cookies enabled to use a
key that is unique to their session (if they want, not mandatory), but
for now it makes more sense to just use a single key for all queries
from all users. This should eliminate a lot of issues that users have
reported where they are unable to decrypt queries or page elements due
to an expired/renewed session key.
The change made to whoogle-contrast-text in #873 wasn't the right
decision, since whoogle-contrast-text is meant to contrast with darker
UI elements. whoogle-text already contrasts with the default white
background.
* Sync setup.cfg with requirements.txt
* Include tests in PyPI tarballs
And exclude them from setuptools
* Set version number only once
Switch to PEP517 standard (pyproject.toml) for builds
New changes to google search now include ads prefixed with the keyword
"sponsored". This update should remove these from appearing in search
results.
Fixes#871
Heroku is no longer free, readme updated to reflect this change.
Removed whoogle.lunar.icu instance.
Co-authored-by: files18 <107342491+files18@users.noreply.github.com>
Changed the implementation to work if the bang is at anyplace in the query.
Added a check to not spend time looking for an operator if a "!" is not present
in the query.
No longer allowed to have the bang at the "!" char at the end, since this may
cause some conflicts like the issue cited before, where the ! is after a word
in the query, which is natural in most languages.
Adds support for encoding (and optionally encrypting) user config values as
a single string that can be passed to any endpoint with the "preferences" url
param.
Co-authored-by: Ben Busby <contact@benbusby.com>
Sessions are no longer validated using the "/session/..." route. This
created a lot of problems due to buggy/unexpected behavior coming from
the Flask-Session dependency, which is (more or less) no longer
maintained.
Sessions are also no longer strictly server-side-only. The majority of
information that was being stored in user sessions was aesthetic only,
aside from the session specific key used to encrypt URLs. This key is
still unique per user, but is not (or shouldn't be) in anyone's threat
model to keep absolutely 100% private from everyone. Especially paranoid
users of Whoogle can easily modify the code to use a randomly generated
encryption key that is reset on session invalidation (and set
invalidation time to a short enough period for their liking).
Ultimately, this should result in much more stable sessions per client.
There shouldn't be decryption issues with element URLs or queries
during result page navigation.
The Tor service logs often confuse Whoogle users, since they're a lot
more verbose than anything Whoogle ever reports. The bulk of these logs
use "notice" level logging and are not helpful for the average user, so
everything between debug and notice is now directed to /dev/null.
Fixes#825
