From 0c0ebb8917d73ec3bbfa6274b5e141fac56cc222 Mon Sep 17 00:00:00 2001 From: Ben Busby Date: Tue, 28 Apr 2020 18:19:34 -0600 Subject: [PATCH] Added POST search, encrypted query strings, refactoring The implementation of POST search support comes with a few benefits. The most apparent is the avoidance of search queries appearing in web server logs -- instead of the prior GET approach (i.e. /search?q=my+search+query), using POST requests with the query stored in the request body creates logs that simply appear as "/search". Since a lot of relative links are generated in the results page, I came up with a way to generate a unique key at run time that is used to encrypt any query strings before sending to the user. This benefits both regular text queries as well as fetching of image links and means that web logs will only show an encrypted string where a link or query string might slip through. Unfortunately, GET search requests still need to be supported, as it doesn't seem that Firefox (on iOS) supports loading search engines by their opensearch.xml file, but instead relies on manual entry of a search query string. Once this is updated, I'll probably remove GET request search support. --- README.md | 5 +- app/__init__.py | 2 + app/filter.py | 221 +++++++++++++++++++---------------- app/request.py | 3 + app/routes.py | 25 ++-- app/static/css/main.css | 3 +- app/static/js/controller.js | 4 - app/templates/index.html | 10 +- app/templates/opensearch.xml | 4 +- 9 files changed, 156 insertions(+), 121 deletions(-) diff --git a/README.md b/README.md index 341166d..616ccc4 100644 --- a/README.md +++ b/README.md @@ -63,7 +63,7 @@ pip install -r requirements.txt ./run ``` -### C) Manual Setup (Docker) +### C) Manual Setup (Docker) 1. Ensure the Docker daemon is running, and is accessible by your user account - To add user permissions, you can execute `sudo usermod -aG docker yourusername` - Running `docker ps` should return something besides an error. If you encounter an error saying the daemon isn't running, try `sudo systemctl start docker` (Linux) or ensure the docker tool is running (Windows/macOS). @@ -102,10 +102,11 @@ To filter by a range of time, append ":past