diff --git a/app.json b/app.json
index d1c7b55..6889e5b 100644
--- a/app.json
+++ b/app.json
@@ -80,6 +80,11 @@
"value": "",
"required": false
},
+ "WHOOGLE_CONFIG_DISABLE": {
+ "description": "[CONFIG] Disable ability for client to change config (set to 1 or leave blank)",
+ "value": "",
+ "required": false
+ },
"WHOOGLE_CONFIG_DARK": {
"description": "[CONFIG] Enable dark mode (set to 1 or leave blank)",
"value": "",
diff --git a/app/__init__.py b/app/__init__.py
index 164b8e9..a6dbd38 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -39,6 +39,7 @@ app.config['CONFIG_PATH'] = os.getenv(
app.config['DEFAULT_CONFIG'] = os.path.join(
app.config['CONFIG_PATH'],
'config.json')
+app.config['CONFIG_DISABLE'] = os.getenv('WHOOGLE_CONFIG_DISABLE', '')
app.config['SESSION_FILE_DIR'] = os.path.join(
app.config['CONFIG_PATH'],
'session')
diff --git a/app/routes.py b/app/routes.py
index ff915ca..053cb72 100644
--- a/app/routes.py
+++ b/app/routes.py
@@ -129,6 +129,7 @@ def index():
logo=render_template(
'logo.html',
dark=g.user_config.dark),
+ config_disabled=app.config['CONFIG_DISABLE'],
config=g.user_config,
tor_available=int(os.environ.get('TOR_AVAILABLE')),
version_number=app.config['VERSION_NUMBER'])
@@ -237,9 +238,10 @@ def search():
@app.route('/config', methods=['GET', 'POST', 'PUT'])
@auth_required
def config():
+ config_disabled = app.config['CONFIG_DISABLE']
if request.method == 'GET':
return json.dumps(g.user_config.__dict__)
- elif request.method == 'PUT':
+ elif request.method == 'PUT' and not config_disabled:
if 'name' in request.args:
config_pkl = os.path.join(
app.config['CONFIG_PATH'],
@@ -250,7 +252,7 @@ def config():
return json.dumps(session['config'])
else:
return json.dumps({})
- else:
+ elif not config_disabled:
config_data = request.form.to_dict()
if 'url' not in config_data or not config_data['url']:
config_data['url'] = g.user_config.url
@@ -270,6 +272,8 @@ def config():
session['config'] = config_data
return redirect(config_data['url'])
+ else:
+ return redirect(url_for('.index'), code=403)
@app.route('/url', methods=['GET'])
diff --git a/app/templates/index.html b/app/templates/index.html
index 41c33ae..3625719 100644
--- a/app/templates/index.html
+++ b/app/templates/index.html
@@ -56,111 +56,113 @@
-
-
-