2020-05-07 03:13:02 +03:00
|
|
|
import argparse
|
2020-05-23 23:27:23 +03:00
|
|
|
import base64
|
2020-04-28 05:21:36 +03:00
|
|
|
import io
|
2020-04-05 04:30:53 +03:00
|
|
|
import json
|
2020-01-21 23:26:49 +03:00
|
|
|
import os
|
2020-06-02 21:54:47 +03:00
|
|
|
import pickle
|
2020-02-22 02:52:29 +03:00
|
|
|
import urllib.parse as urlparse
|
2020-06-02 21:54:47 +03:00
|
|
|
import uuid
|
2020-06-11 21:14:57 +03:00
|
|
|
from functools import wraps
|
|
|
|
|
2020-05-13 02:14:55 +03:00
|
|
|
import waitress
|
2020-06-11 21:14:57 +03:00
|
|
|
from flask import jsonify, make_response, request, redirect, render_template, send_file, session
|
|
|
|
from requests import exceptions
|
|
|
|
|
|
|
|
from app import app
|
|
|
|
from app.models.config import Config
|
|
|
|
from app.request import Request
|
2020-07-26 20:53:59 +03:00
|
|
|
from app.utils.session_utils import valid_user_session
|
2020-06-11 21:14:57 +03:00
|
|
|
from app.utils.routing_utils import *
|
2020-01-21 23:26:49 +03:00
|
|
|
|
2020-10-10 22:55:14 +03:00
|
|
|
# Load DDG bang json files only on init. The context manager closes the file
# handle as soon as parsing finishes instead of leaving it to the GC.
with open(app.config['BANG_FILE']) as bang_file:
    bang_json = json.load(bang_file)
|
|
|
|
|
2020-02-22 02:52:29 +03:00
|
|
|
|
2020-05-18 19:30:32 +03:00
|
|
|
def auth_required(f):
    """Protect a view with HTTP Basic auth when credentials are configured.

    The expected credentials are read from the WHOOGLE_USER and WHOOGLE_PASS
    environment variables on every request. If either one is unset or empty,
    the wrapped view is called without any authentication check.

    Args:
        f: The view function to wrap.

    Returns:
        The wrapped view. It answers with a 401 response carrying a
        ``WWW-Authenticate`` challenge when credentials are required but the
        request's credentials are missing or do not match.
    """
    import hmac

    def _same(expected, supplied):
        # Constant-time comparison so response timing does not reveal how
        # much of a guess was correct. Compared as bytes because
        # compare_digest rejects non-ASCII str; a missing value is treated
        # as an empty string and therefore never matches.
        return hmac.compare_digest(
            expected.encode('utf-8'), (supplied or '').encode('utf-8'))

    @wraps(f)
    def decorated(*args, **kwargs):
        auth = request.authorization

        # Skip if username/password not set
        whoogle_user = os.getenv('WHOOGLE_USER', '')
        whoogle_pass = os.getenv('WHOOGLE_PASS', '')
        if not whoogle_user or not whoogle_pass:
            return f(*args, **kwargs)

        if auth:
            # Evaluate both comparisons before combining the results so a
            # wrong username does not short-circuit the password check.
            user_ok = _same(whoogle_user, auth.username)
            pass_ok = _same(whoogle_pass, auth.password)
            if user_ok and pass_ok:
                return f(*args, **kwargs)

        return make_response(
            'Not logged in', 401,
            {'WWW-Authenticate': 'Basic realm="Login Required"'})

    return decorated
|
|
|
|
|
|
|
|
|
2020-04-24 05:59:43 +03:00
|
|
|
@app.before_request
def before_request_func():
    """Prepare per-request state on ``g`` and initialise the session.

    Stores the request parameters (query args for GET, form data otherwise)
    on ``g``, creates a fresh session (config, uuid, fernet keys) when
    ``valid_user_session`` rejects the current one, and builds the user's
    ``Config`` and ``Request`` objects.

    Returns:
        A 308 redirect to the https:// form of the URL when the HTTPS_ONLY
        environment variable is set to a non-empty value and the request
        came in over http://; otherwise None so the request proceeds.
    """
    g.request_params = (
        request.args if request.method == 'GET' else request.form)
    g.cookies_disabled = False

    # Generate session values for user if unavailable
    if not valid_user_session(session):
        default_config_path = app.config['DEFAULT_CONFIG']
        if os.path.exists(default_config_path):
            # Close the config file promptly instead of leaking the handle.
            with open(default_config_path) as config_file:
                session['config'] = json.load(config_file)
        else:
            session['config'] = {'url': request.url_root}
        session['uuid'] = str(uuid.uuid4())
        session['fernet_keys'] = generate_user_keys(True)

        # Flag cookies as possibly disabled in order to prevent against
        # unnecessary session directory expansion
        g.cookies_disabled = True

    if session['uuid'] not in app.user_elements:
        app.user_elements.update({session['uuid']: 0})

    # Always redirect to https if HTTPS_ONLY is set (otherwise default to
    # False). Any non-empty value of the variable counts as enabled.
    https_only = os.getenv('HTTPS_ONLY', False)

    if https_only and request.url.startswith('http://'):
        return redirect(
            request.url.replace('http://', 'https://', 1), code=308)

    g.user_config = Config(**session['config'])

    if not g.user_config.url:
        if https_only:
            g.user_config.url = request.url_root.replace(
                'http://', 'https://')
        else:
            g.user_config.url = request.url_root

    g.user_request = Request(
        request.headers.get('User-Agent'),
        language=g.user_config.lang_search)
    g.app_location = g.user_config.url
|
2020-01-22 08:51:02 +03:00
|
|
|
|
2020-01-21 23:26:49 +03:00
|
|
|
|
2020-06-02 21:54:47 +03:00
|
|
|
@app.after_request
def after_request_func(response):
    """Run post-request bookkeeping and hand the response back unchanged.

    Resets the element key and counter once the user's element counter has
    dropped to zero (or below) on an ``/element`` request, and tracks remote
    addresses that appear to have cookies disabled.
    """
    all_served = app.user_elements[session['uuid']] <= 0
    if all_served and '/element' in request.url:
        # Regenerate element key if all elements have been served to user
        if g.cookies_disabled:
            replacement_key = app.default_key_set['element_key']
        else:
            replacement_key = ''
        session['fernet_keys']['element_key'] = replacement_key
        app.user_elements[session['uuid']] = 0

    # Check if address consistently has cookies blocked, in which case start
    # removing session files after creation.
    # Note: This is primarily done to prevent overpopulation of session
    # directories, since browsers that block cookies will still trigger
    # Flask's session creation routine with every request.
    if g.cookies_disabled:
        if request.remote_addr not in app.no_cookie_ips:
            # First sighting: remember the address only.
            app.no_cookie_ips.append(request.remote_addr)
        else:
            # Repeat sighting: drop every value stored in the session.
            for stored_key in list(session.keys()):
                session.pop(stored_key)

    return response
|
|
|
|
|
|
|
|
|
2020-05-06 03:28:43 +03:00
|
|
|
@app.errorhandler(404)
def unknown_page(e):
    """Answer a 404 by redirecting to the location stored on ``g``."""
    home_url = g.app_location
    return redirect(home_url)
|
2020-05-06 03:28:43 +03:00
|
|
|
|
|
|
|
|
2020-01-21 23:26:49 +03:00
|
|
|
@app.route('/', methods=['GET'])
@auth_required
def index():
    """Render the home page after issuing the session a new set of keys."""
    # Reset keys
    session['fernet_keys'] = generate_user_keys(g.cookies_disabled)

    template_context = {
        'languages': Config.LANGUAGES,
        'countries': Config.COUNTRIES,
        'config': g.user_config,
        'version_number': app.config['VERSION_NUMBER'],
    }
    return render_template('index.html', **template_context)
|
2020-01-21 23:26:49 +03:00
|
|
|
|
|
|
|
|
2020-04-25 03:45:57 +03:00
|
|
|
@app.route('/opensearch.xml', methods=['GET'])
@auth_required
def opensearch():
    """Serve the rendered ``opensearch.xml`` template as an attachment.

    The template receives the app location without a single trailing slash
    and a request-type attribute that is empty when the user's config has
    ``get_only`` set.
    """
    main_url = g.app_location
    main_url = main_url[:-1] if main_url.endswith('/') else main_url

    if g.user_config.get_only:
        request_type = ''
    else:
        request_type = 'method="post"'

    body = render_template(
        'opensearch.xml',
        main_url=main_url,
        request_type=request_type)
    headers = {'Content-Disposition': 'attachment; filename="opensearch.xml"'}
    return body, 200, headers
|
2020-04-25 03:45:57 +03:00
|
|
|
|
|
|
|
|
2020-05-24 23:03:11 +03:00
|
|
|
@app.route('/autocomplete', methods=['GET', 'POST'])
def autocomplete():
    """Return suggestions for the current query as JSON.

    The query is read from the ``q`` request parameter. When the request
    carries a raw body, the query is taken from that body instead, with
    ``q=`` removed and URL-decoding applied.

    Returns:
        A JSON array ``[query, suggestions]``, or the JSON object
        ``{'?': []}`` when there is neither a ``q`` parameter nor a body.
    """
    q = g.request_params.get('q')

    # Search bangs if the query begins with "!", but not "! " (feeling lucky).
    # q is None when the query only arrives in the raw request body, so it
    # must be checked before any str method is called on it.
    if q and q.startswith('!') and len(q) > 1 and not q.startswith('! '):
        bang_suggestions = [
            bang_json[bang]['suggestion']
            for bang in bang_json if bang.startswith(q)
        ]
        return jsonify([q, bang_suggestions])

    if not q and not request.data:
        return jsonify({'?': []})
    elif request.data:
        q = urlparse.unquote_plus(
            request.data.decode('utf-8').replace('q=', ''))

    return jsonify([q, g.user_request.autocomplete(q)])
|
|
|
|
|
|
|
|
|
2020-04-29 03:19:34 +03:00
|
|
|
@app.route('/search', methods=['GET', 'POST'])
@auth_required
def search():
    """Run a search and render the results page.

    Redirects instead of rendering when a bang resolves to a target, when
    the query is blank (back to ``/``), or when the search is flagged as
    "feeling lucky" (303 to the generated response).
    """
    # Reset element counter
    app.user_elements[session['uuid']] = 0

    search_util = RoutingUtils(
        request,
        g.user_config,
        session,
        cookies_disabled=g.cookies_disabled)
    query = search_util.new_search_query()

    bang_target = search_util.bang_operator(bang_json)
    if bang_target != '':
        return redirect(bang_target)

    # Redirect to home if invalid/blank search
    if not query:
        return redirect('/')

    # Generate response and number of external elements from the page
    page, element_count = search_util.generate_response()
    if search_util.feeling_lucky:
        return redirect(page, code=303)

    # Keep count of external elements to fetch before element key can be
    # regenerated
    app.user_elements[session['uuid']] = element_count

    # The header is left empty when the search type contains 'isch'.
    if 'isch' in search_util.search_type:
        header_markup = ''
    else:
        header_markup = render_template(
            'header.html',
            dark_mode=g.user_config.dark,
            query=urlparse.unquote(query),
            search_type=search_util.search_type,
            mobile=g.user_request.mobile)

    return render_template(
        'display.html',
        query=urlparse.unquote(query),
        search_type=search_util.search_type,
        dark_mode=g.user_config.dark,
        response=page,
        version_number=app.config['VERSION_NUMBER'],
        search_header=header_markup)
|
2020-01-21 23:26:49 +03:00
|
|
|
|
|
|
|
|
2020-06-02 21:54:47 +03:00
|
|
|
@app.route('/config', methods=['GET', 'POST', 'PUT'])
@auth_required
def config():
    """Read, load, or save the user's configuration.

    * GET returns the active config's attributes as a JSON string.
    * PUT loads the saved config named by the ``name`` query argument into
      the session (when such a file exists) and returns the session config
      as JSON; without ``name`` it returns ``{}``.
    * Any other method (POST) stores the submitted form as the session
      config, optionally saves it under ``name``, and redirects to the
      config's ``url``.
    """
    if request.method == 'GET':
        return json.dumps(g.user_config.__dict__)

    if request.method == 'PUT':
        if 'name' not in request.args:
            return json.dumps({})

        config_pkl = os.path.join(
            app.config['CONFIG_PATH'], request.args.get('name'))
        if os.path.exists(config_pkl):
            # NOTE(review): the file name comes straight from the request
            # and the file is unpickled; unpickling data an attacker can
            # influence allows arbitrary code execution. Consider a safer
            # format (e.g. JSON) and restricting ``name`` to a bare file
            # name.
            with open(config_pkl, 'rb') as saved_config:
                session['config'] = pickle.load(saved_config)
        return json.dumps(session['config'])

    config_data = request.form.to_dict()
    if not config_data.get('url'):
        # Fall back to the current URL when the form leaves it blank.
        config_data['url'] = g.user_config.url

    # Save config by name to allow a user to easily load later
    if 'name' in request.args:
        save_path = os.path.join(
            app.config['CONFIG_PATH'], request.args.get('name'))
        # The with-block guarantees the pickle is flushed and the handle
        # closed before the response is sent.
        with open(save_path, 'wb') as saved_config:
            pickle.dump(config_data, saved_config)

    # Overwrite default config if user has cookies disabled
    if g.cookies_disabled:
        with open(app.config['DEFAULT_CONFIG'], 'w') as default_config:
            default_config.write(json.dumps(config_data, indent=4))

    session['config'] = config_data
    return redirect(config_data['url'])
|
2020-04-06 02:59:50 +03:00
|
|
|
|
|
|
|
|
2020-01-21 23:26:49 +03:00
|
|
|
@app.route('/url', methods=['GET'])
@auth_required
def url():
    """Redirect to the address given in the ``url`` or ``q`` query argument.

    ``url`` takes precedence and is always redirected to. ``q`` is only
    redirected to when it contains ``http``; otherwise the error page is
    rendered with ``q`` as its query.
    """
    if 'url' in request.args:
        return redirect(request.args.get('url'))

    q = request.args.get('q')
    # A request without ``q`` yields None; checking truthiness first avoids
    # calling len() on None and lets the error page handle that case.
    if q and 'http' in q:
        return redirect(q)

    return render_template('error.html', query=q)
|
2020-01-21 23:26:49 +03:00
|
|
|
|
|
|
|
|
2020-01-23 09:19:17 +03:00
|
|
|
@app.route('/imgres')
@auth_required
def imgres():
    """Redirect to the address in the ``imgurl`` query argument."""
    image_url = request.args.get('imgurl')
    return redirect(image_url)
|
|
|
|
|
|
|
|
|
2020-06-02 21:54:47 +03:00
|
|
|
@app.route('/element')
@auth_required
def element():
    """Fetch an encrypted element URL and relay its content.

    The ``url`` query argument is decrypted with the session's element key,
    fetched through the user's request object, and sent back with the
    mimetype given in the ``type`` argument. If the fetch raises a
    ``RequestException``, an empty GIF is sent instead.
    """
    element_key = session['fernet_keys']['element_key']
    cipher_suite = Fernet(element_key)
    encrypted_url = request.args.get('url').encode()
    src_url = cipher_suite.decrypt(encrypted_url).decode()
    src_type = request.args.get('type')

    try:
        file_data = g.user_request.send(base_url=src_url).content
        # One fewer element left to serve for this user.
        app.user_elements[session['uuid']] -= 1
        return send_file(io.BytesIO(file_data), mimetype=src_type)
    except exceptions.RequestException:
        pass

    # Fallback placeholder image.
    empty_gif = base64.b64decode(
        'R0lGODlhAQABAIAAAP///////yH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==')
    return send_file(io.BytesIO(empty_gif), mimetype='image/gif')
|
2020-04-28 05:21:36 +03:00
|
|
|
|
|
|
|
|
2020-02-22 02:52:29 +03:00
|
|
|
@app.route('/window')
@auth_required
def window():
    """Fetch the page named by ``location`` and render it without scripts.

    Root-relative ``src``/``href`` attributes in the fetched HTML are
    rewritten to absolute URLs on the fetched site, all ``<script>`` tags
    are removed, and the result is rendered through ``display.html``.
    """
    location = request.args.get('location')
    get_body = g.user_request.send(base_url=location).text

    # Root-relative links ("/path") resolve against scheme://host, not the
    # full page URL. The replacement must keep the slash and must not close
    # the attribute's quote, otherwise the attribute value is cut off right
    # after the host.
    # NOTE(review): protocol-relative links (src="//host/...") are also
    # matched by this plain-text replacement and are not handled specially.
    parts = urlparse.urlsplit(location)
    if parts.scheme and parts.netloc:
        site_root = parts.scheme + '://' + parts.netloc
    else:
        site_root = location.rstrip('/')
    get_body = get_body.replace('src="/', 'src="' + site_root + '/')
    get_body = get_body.replace('href="/', 'href="' + site_root + '/')

    results = BeautifulSoup(get_body, 'html.parser')

    try:
        for script in results('script'):
            script.decompose()
    except Exception:
        # Best effort: a failure while stripping scripts should not prevent
        # the page from being rendered.
        pass

    return render_template('display.html', response=results)
|
2020-02-22 02:52:29 +03:00
|
|
|
|
|
|
|
|
2020-05-07 03:13:02 +03:00
|
|
|
def run_app():
    """Parse command-line options and start the Whoogle server.

    Options set the listening host/port, debug mode, HTTPS-only redirects
    (exported through the HTTPS_ONLY environment variable) and basic-auth
    credentials (exported through WHOOGLE_USER / WHOOGLE_PASS). In debug
    mode the Flask development server is used; otherwise the app is served
    with waitress.
    """
    parser = argparse.ArgumentParser(
        description='Whoogle Search console runner')
    # type=int rejects a non-numeric port at parse time with a clear message.
    parser.add_argument(
        '--port', default=5000, type=int, metavar='<port number>',
        help='Specifies a port to run on (default 5000)')
    parser.add_argument(
        '--host', default='127.0.0.1', metavar='<ip address>',
        help='Specifies the host address to use (default 127.0.0.1)')
    parser.add_argument(
        '--debug', default=False, action='store_true',
        help='Activates debug mode for the server (default False)')
    parser.add_argument(
        '--https-only', default=False, action='store_true',
        help='Enforces HTTPS redirects for all requests')
    parser.add_argument(
        '--userpass', default='', metavar='<username:password>',
        help='Sets a username/password basic auth combo (default None)')
    args = parser.parse_args()

    if args.userpass:
        # Split on the first colon only, so the password itself may contain
        # colons; a value without any colon is reported as a usage error.
        username, separator, password = args.userpass.partition(':')
        if not separator:
            parser.error('--userpass must be in the form <username:password>')
        os.environ['WHOOGLE_USER'] = username
        os.environ['WHOOGLE_PASS'] = password

    os.environ['HTTPS_ONLY'] = '1' if args.https_only else ''

    if args.debug:
        app.run(host=args.host, port=args.port, debug=args.debug)
    else:
        waitress.serve(app, listen="{}:{}".format(args.host, args.port))
|