[mod] botdetection: trusted proxies

Replaces `x_for` functionality with `trusted_proxies`. This allows defining which IP / ranges to trust extracting the client IP address from X-Forwarded-For and X-Real-IP headers. We don't know if the proxy chain will give us the proper client address, so we rely on reading the headers of the proxy before SearXNG (if there is one, in that case it must be added to trusted_proxies) hoping it has done the proper checks. In case a proxy in the chain does not check the client address correctly, integrity is compromised and this should be fixed by whoever manages the proxy, not us. I had to move the get_cnf func to another file (config.py) to prevent cyclic imports since we need to read the list inside _helpers.py Closes https://github.com/searxng/searxng/issues/4907 Closes https://github.com/searxng/searxng/issues/3632 Closes https://github.com/searxng/searxng/issues/3191 Closes https://github.com/searxng/searxng/issues/1237 Related https://github.com/searxng/searxng-docker/issues/386 Related https://github.com/inetol-infrastructure/searxng-container/issues/81
2025-07-17 18:29:21 +02:00 · 2025-06-12 14:16:09 +02:00 · 2025-06-12 14:16:09 +02:00 · eb9f20a823
commit eb9f20a823
parent 4b9644eb27
10 changed files with 147 additions and 102 deletions
--- a/searx/botdetection/link_token.py
+++ b/searx/botdetection/link_token.py
@ -38,16 +38,15 @@ from __future__ import annotations
 from ipaddress import (
    IPv4Network,
    IPv6Network,
-    ip_address,
 )

-import string
 import random
+import string

 from searx import logger
 from searx import valkeydb
-from searx.valkeylib import secret_hash
 from searx.extended_types import SXNG_Request
+from searx.valkeylib import secret_hash

 from ._helpers import (
    get_network,
@ -98,15 +97,15 @@ def ping(request: SXNG_Request, token: str):
    The expire time of this ping-key is :py:obj:`PING_LIVE_TIME`.

    """
-    from . import valkey_client, cfg  # pylint: disable=import-outside-toplevel, cyclic-import
+    from . import valkey_client  # pylint: disable=import-outside-toplevel

    if not valkey_client:
        return
    if not token_is_valid(token):
        return

-    real_ip = ip_address(get_real_ip(request))
-    network = get_network(real_ip, cfg)
+    real_ip = get_real_ip(request)
+    network = get_network(real_ip)

    ping_key = get_ping_key(network, request)
    logger.debug("store ping_key for (client) network %s (IP %s) -> %s", network.compressed, real_ip, ping_key)