Markus Heiser
|
f24d85bc4b
|
[mod] drop: from __future__ import annotations
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
2025-09-03 13:37:36 +02:00 |
|
Ivan Gabaldon
|
ce8929cabe
|
[mod] limiter: trusted proxies (#4911)
Replaces `x_for` functionality with `trusted_proxies`. This allows defining
which IP / ranges to trust extracting the client IP address from X-Forwarded-For
and X-Real-IP headers.
We don't know if the proxy chain will give us the proper client
address (REMOTE_ADDR in the WSGI environment), so we rely on reading the headers
of the proxy before SearXNG (if there is one, in that case it must be added to
trusted_proxies) hoping it has done the proper checks. In case a proxy in the
chain does not check the client address correctly, integrity is compromised and
this should be fixed by whoever manages the proxy, not us.
Closes:
- https://github.com/searxng/searxng/issues/4940
- https://github.com/searxng/searxng/issues/4939
- https://github.com/searxng/searxng/issues/4907
- https://github.com/searxng/searxng/issues/3632
- https://github.com/searxng/searxng/issues/3191
- https://github.com/searxng/searxng/issues/1237
Related:
- https://github.com/searxng/searxng-docker/issues/386
- https://github.com/inetol-infrastructure/searxng-container/issues/81
|
2025-08-09 23:03:30 +02:00 |
|
Markus Heiser
|
39c50dc013
|
[fix] sec-fetch-* headers cannot be verified for non-secure requests (#4962)
Documentation / Release (push) Has been cancelled
Integration / Python 3.10 (push) Has been cancelled
Integration / Python 3.11 (push) Has been cancelled
Integration / Python 3.12 (push) Has been cancelled
Integration / Python 3.13 (push) Has been cancelled
Integration / Python 3.9 (push) Has been cancelled
Integration / Theme (push) Has been cancelled
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
2025-06-30 13:31:45 +02:00 |
|
Brock Vojkovic
|
ff60fe635f
|
[fix] sec-fetch-* blocking infinite scroll (#4728)
|
2025-05-07 10:38:21 +02:00 |
|
Markus Heiser
|
6e7119fa4e
|
[fix] references from searx.botdetection.http_sec_fetch (#4723)
|
2025-05-07 10:25:47 +02:00 |
|
Émilien (perso)
|
19b116f1d7
|
fix: check if the browser supports Sec-Fetch headers (#4696)
|
2025-05-04 10:12:25 +02:00 |
|
Markus Heiser
|
fe08bb1d90
|
[mod] botdetection: HTTP Fetch Metadata Request Headers
HTTP Fetch Metadata Request Headers [1][2] are used to detect bot requests. Bots
with invalid *Fetch Metadata* will be redirected to the intro (`index`) page.
[1] https://www.w3.org/TR/fetch-metadata/
[2] https://developer.mozilla.org/en-US/docs/Glossary/Fetch_metadata_request_header
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
2025-05-04 02:07:26 +02:00 |
|