mirror of
https://github.com/searxng/searxng.git
synced 2025-08-21 11:16:47 +02:00
ce8929cabe
Replaces `x_for` functionality with `trusted_proxies`. This allows defining which IP / ranges to trust extracting the client IP address from X-Forwarded-For and X-Real-IP headers. We don't know if the proxy chain will give us the proper client address (REMOTE_ADDR in the WSGI environment), so we rely on reading the headers of the proxy before SearXNG (if there is one, in that case it must be added to trusted_proxies) hoping it has done the proper checks. In case a proxy in the chain does not check the client address correctly, integrity is compromised and this should be fixed by whoever manages the proxy, not us. Closes: - https://github.com/searxng/searxng/issues/4940 - https://github.com/searxng/searxng/issues/4939 - https://github.com/searxng/searxng/issues/4907 - https://github.com/searxng/searxng/issues/3632 - https://github.com/searxng/searxng/issues/3191 - https://github.com/searxng/searxng/issues/1237 Related: - https://github.com/searxng/searxng-docker/issues/386 - https://github.com/inetol-infrastructure/searxng-container/issues/81 |
||
|---|---|---|
| .. | ||
| __init__.py | ||
| _core.py | ||
| ahmia_filter.py | ||
| calculator.py | ||
| hash_plugin.py | ||
| hostnames.py | ||
| oa_doi_rewrite.py | ||
| self_info.py | ||
| tor_check.py | ||
| tracker_url_remover.py | ||
| unit_converter.py | ||