Add option to disable changing config from client (#295)
* Add option to disable changing of configuration Introduces a test to ensure the correct response code is found when attempting to update the config when disabled, and ensure default config is unchanged when posting a new config dict. Attempting to update the config using the API when disabled now returns a 403 code + redirect. Co-authored-by: Ben Busby <benbusby@protonmail.com>main
parent
8ae7b5947e
commit
d6d7110e22
5
app.json
5
app.json
|
@ -80,6 +80,11 @@
|
||||||
"value": "",
|
"value": "",
|
||||||
"required": false
|
"required": false
|
||||||
},
|
},
|
||||||
|
"WHOOGLE_CONFIG_DISABLE": {
|
||||||
|
"description": "[CONFIG] Disable ability for client to change config (set to 1 or leave blank)",
|
||||||
|
"value": "",
|
||||||
|
"required": false
|
||||||
|
},
|
||||||
"WHOOGLE_CONFIG_DARK": {
|
"WHOOGLE_CONFIG_DARK": {
|
||||||
"description": "[CONFIG] Enable dark mode (set to 1 or leave blank)",
|
"description": "[CONFIG] Enable dark mode (set to 1 or leave blank)",
|
||||||
"value": "",
|
"value": "",
|
||||||
|
|
|
@ -39,6 +39,7 @@ app.config['CONFIG_PATH'] = os.getenv(
|
||||||
app.config['DEFAULT_CONFIG'] = os.path.join(
|
app.config['DEFAULT_CONFIG'] = os.path.join(
|
||||||
app.config['CONFIG_PATH'],
|
app.config['CONFIG_PATH'],
|
||||||
'config.json')
|
'config.json')
|
||||||
|
app.config['CONFIG_DISABLE'] = os.getenv('WHOOGLE_CONFIG_DISABLE', '')
|
||||||
app.config['SESSION_FILE_DIR'] = os.path.join(
|
app.config['SESSION_FILE_DIR'] = os.path.join(
|
||||||
app.config['CONFIG_PATH'],
|
app.config['CONFIG_PATH'],
|
||||||
'session')
|
'session')
|
||||||
|
|
|
@ -129,6 +129,7 @@ def index():
|
||||||
logo=render_template(
|
logo=render_template(
|
||||||
'logo.html',
|
'logo.html',
|
||||||
dark=g.user_config.dark),
|
dark=g.user_config.dark),
|
||||||
|
config_disabled=app.config['CONFIG_DISABLE'],
|
||||||
config=g.user_config,
|
config=g.user_config,
|
||||||
tor_available=int(os.environ.get('TOR_AVAILABLE')),
|
tor_available=int(os.environ.get('TOR_AVAILABLE')),
|
||||||
version_number=app.config['VERSION_NUMBER'])
|
version_number=app.config['VERSION_NUMBER'])
|
||||||
|
@ -237,9 +238,10 @@ def search():
|
||||||
@app.route('/config', methods=['GET', 'POST', 'PUT'])
|
@app.route('/config', methods=['GET', 'POST', 'PUT'])
|
||||||
@auth_required
|
@auth_required
|
||||||
def config():
|
def config():
|
||||||
|
config_disabled = app.config['CONFIG_DISABLE']
|
||||||
if request.method == 'GET':
|
if request.method == 'GET':
|
||||||
return json.dumps(g.user_config.__dict__)
|
return json.dumps(g.user_config.__dict__)
|
||||||
elif request.method == 'PUT':
|
elif request.method == 'PUT' and not config_disabled:
|
||||||
if 'name' in request.args:
|
if 'name' in request.args:
|
||||||
config_pkl = os.path.join(
|
config_pkl = os.path.join(
|
||||||
app.config['CONFIG_PATH'],
|
app.config['CONFIG_PATH'],
|
||||||
|
@ -250,7 +252,7 @@ def config():
|
||||||
return json.dumps(session['config'])
|
return json.dumps(session['config'])
|
||||||
else:
|
else:
|
||||||
return json.dumps({})
|
return json.dumps({})
|
||||||
else:
|
elif not config_disabled:
|
||||||
config_data = request.form.to_dict()
|
config_data = request.form.to_dict()
|
||||||
if 'url' not in config_data or not config_data['url']:
|
if 'url' not in config_data or not config_data['url']:
|
||||||
config_data['url'] = g.user_config.url
|
config_data['url'] = g.user_config.url
|
||||||
|
@ -270,6 +272,8 @@ def config():
|
||||||
|
|
||||||
session['config'] = config_data
|
session['config'] = config_data
|
||||||
return redirect(config_data['url'])
|
return redirect(config_data['url'])
|
||||||
|
else:
|
||||||
|
return redirect(url_for('.index'), code=403)
|
||||||
|
|
||||||
|
|
||||||
@app.route('/url', methods=['GET'])
|
@app.route('/url', methods=['GET'])
|
||||||
|
|
|
@ -56,111 +56,113 @@
|
||||||
<input type="submit" id="search-submit" value="Search">
|
<input type="submit" id="search-submit" value="Search">
|
||||||
</div>
|
</div>
|
||||||
</form>
|
</form>
|
||||||
<br/>
|
{% if not config_disabled %}
|
||||||
<button id="config-collapsible" class="collapsible">Configuration</button>
|
<br/>
|
||||||
<div class="content">
|
<button id="config-collapsible" class="collapsible">Configuration</button>
|
||||||
<div class="config-fields">
|
<div class="content">
|
||||||
<form id="config-form" action="config" method="post">
|
<div class="config-fields">
|
||||||
<div class="config-div config-div-ctry">
|
<form id="config-form" action="config" method="post">
|
||||||
<label for="config-ctry">Filter Results by Country: </label>
|
<div class="config-div config-div-ctry">
|
||||||
<select name="ctry" id="config-ctry">
|
<label for="config-ctry">Filter Results by Country: </label>
|
||||||
{% for ctry in countries %}
|
<select name="ctry" id="config-ctry">
|
||||||
<option value="{{ ctry.value }}"
|
{% for ctry in countries %}
|
||||||
{% if ctry.value in config.ctry %}
|
<option value="{{ ctry.value }}"
|
||||||
selected
|
{% if ctry.value in config.ctry %}
|
||||||
{% endif %}>
|
selected
|
||||||
{{ ctry.name }}
|
{% endif %}>
|
||||||
</option>
|
{{ ctry.name }}
|
||||||
{% endfor %}
|
</option>
|
||||||
</select>
|
{% endfor %}
|
||||||
<div><span class="info-text"> — Note: If enabled, a website will only appear in the results if it is *hosted* in the selected country.</span></div>
|
</select>
|
||||||
</div>
|
<div><span class="info-text"> — Note: If enabled, a website will only appear in the results if it is *hosted* in the selected country.</span></div>
|
||||||
<div class="config-div config-div-lang">
|
</div>
|
||||||
<label for="config-lang-interface">Interface Language: </label>
|
<div class="config-div config-div-lang">
|
||||||
<select name="lang_interface" id="config-lang-interface">
|
<label for="config-lang-interface">Interface Language: </label>
|
||||||
{% for lang in languages %}
|
<select name="lang_interface" id="config-lang-interface">
|
||||||
<option value="{{ lang.value }}"
|
{% for lang in languages %}
|
||||||
{% if lang.value in config.lang_interface %}
|
<option value="{{ lang.value }}"
|
||||||
selected
|
{% if lang.value in config.lang_interface %}
|
||||||
{% endif %}>
|
selected
|
||||||
{{ lang.name }}
|
{% endif %}>
|
||||||
</option>
|
{{ lang.name }}
|
||||||
{% endfor %}
|
</option>
|
||||||
</select>
|
{% endfor %}
|
||||||
</div>
|
</select>
|
||||||
<div class="config-div config-div-search-lang">
|
</div>
|
||||||
<label for="config-lang-search">Search Language: </label>
|
<div class="config-div config-div-search-lang">
|
||||||
<select name="lang_search" id="config-lang-search">
|
<label for="config-lang-search">Search Language: </label>
|
||||||
{% for lang in languages %}
|
<select name="lang_search" id="config-lang-search">
|
||||||
<option value="{{ lang.value }}"
|
{% for lang in languages %}
|
||||||
{% if lang.value in config.lang_search %}
|
<option value="{{ lang.value }}"
|
||||||
selected
|
{% if lang.value in config.lang_search %}
|
||||||
{% endif %}>
|
selected
|
||||||
{{ lang.name }}
|
{% endif %}>
|
||||||
</option>
|
{{ lang.name }}
|
||||||
{% endfor %}
|
</option>
|
||||||
</select>
|
{% endfor %}
|
||||||
</div>
|
</select>
|
||||||
<div class="config-div config-div-near">
|
</div>
|
||||||
<label for="config-near">Near: </label>
|
<div class="config-div config-div-near">
|
||||||
<input type="text" name="near" id="config-near" placeholder="City Name" value="{{ config.near }}">
|
<label for="config-near">Near: </label>
|
||||||
</div>
|
<input type="text" name="near" id="config-near" placeholder="City Name" value="{{ config.near }}">
|
||||||
<div class="config-div config-div-nojs">
|
</div>
|
||||||
<label for="config-nojs">Show NoJS Links: </label>
|
<div class="config-div config-div-nojs">
|
||||||
<input type="checkbox" name="nojs" id="config-nojs" {{ 'checked' if config.nojs else '' }}>
|
<label for="config-nojs">Show NoJS Links: </label>
|
||||||
</div>
|
<input type="checkbox" name="nojs" id="config-nojs" {{ 'checked' if config.nojs else '' }}>
|
||||||
<div class="config-div config-div-dark">
|
</div>
|
||||||
<label for="config-dark">Dark Mode: </label>
|
<div class="config-div config-div-dark">
|
||||||
<input type="checkbox" name="dark" id="config-dark" {{ 'checked' if config.dark else '' }}>
|
<label for="config-dark">Dark Mode: </label>
|
||||||
</div>
|
<input type="checkbox" name="dark" id="config-dark" {{ 'checked' if config.dark else '' }}>
|
||||||
<div class="config-div config-div-safe">
|
</div>
|
||||||
<label for="config-safe">Safe Search: </label>
|
<div class="config-div config-div-safe">
|
||||||
<input type="checkbox" name="safe" id="config-safe" {{ 'checked' if config.safe else '' }}>
|
<label for="config-safe">Safe Search: </label>
|
||||||
</div>
|
<input type="checkbox" name="safe" id="config-safe" {{ 'checked' if config.safe else '' }}>
|
||||||
<div class="config-div config-div-alts">
|
</div>
|
||||||
<label class="tooltip" for="config-alts">Replace Social Media Links: </label>
|
<div class="config-div config-div-alts">
|
||||||
<input type="checkbox" name="alts" id="config-alts" {{ 'checked' if config.alts else '' }}>
|
<label class="tooltip" for="config-alts">Replace Social Media Links: </label>
|
||||||
<div><span class="info-text"> — Replaces Twitter/YouTube/Instagram/Reddit links
|
<input type="checkbox" name="alts" id="config-alts" {{ 'checked' if config.alts else '' }}>
|
||||||
with Nitter/Invidious/Bibliogram/Libreddit links.</span></div>
|
<div><span class="info-text"> — Replaces Twitter/YouTube/Instagram/Reddit links
|
||||||
</div>
|
with Nitter/Invidious/Bibliogram/Libreddit links.</span></div>
|
||||||
<div class="config-div config-div-new-tab">
|
</div>
|
||||||
<label for="config-new-tab">Open Links in New Tab: </label>
|
<div class="config-div config-div-new-tab">
|
||||||
<input type="checkbox" name="new_tab" id="config-new-tab" {{ 'checked' if config.new_tab else '' }}>
|
<label for="config-new-tab">Open Links in New Tab: </label>
|
||||||
</div>
|
<input type="checkbox" name="new_tab" id="config-new-tab" {{ 'checked' if config.new_tab else '' }}>
|
||||||
<div class="config-div config-div-tor">
|
</div>
|
||||||
<label for="config-tor">Use Tor: {{ '' if tor_available else 'Unavailable' }}</label>
|
<div class="config-div config-div-tor">
|
||||||
<input type="checkbox" name="tor" id="config-tor" {{ '' if tor_available else 'hidden' }} {{ 'checked' if config.tor else '' }}>
|
<label for="config-tor">Use Tor: {{ '' if tor_available else 'Unavailable' }}</label>
|
||||||
</div>
|
<input type="checkbox" name="tor" id="config-tor" {{ '' if tor_available else 'hidden' }} {{ 'checked' if config.tor else '' }}>
|
||||||
<div class="config-div config-div-get-only">
|
</div>
|
||||||
<label for="config-get-only">GET Requests Only: </label>
|
<div class="config-div config-div-get-only">
|
||||||
<input type="checkbox" name="get_only" id="config-get-only" {{ 'checked' if config.get_only else '' }}>
|
<label for="config-get-only">GET Requests Only: </label>
|
||||||
</div>
|
<input type="checkbox" name="get_only" id="config-get-only" {{ 'checked' if config.get_only else '' }}>
|
||||||
<div class="config-div config-div-root-url">
|
</div>
|
||||||
<label for="config-url">Root URL: </label>
|
<div class="config-div config-div-root-url">
|
||||||
<input type="text" name="url" id="config-url" value="{{ config.url }}">
|
<label for="config-url">Root URL: </label>
|
||||||
</div>
|
<input type="text" name="url" id="config-url" value="{{ config.url }}">
|
||||||
<div class="config-div config-div-custom-css">
|
</div>
|
||||||
<label for="config-style">Custom CSS:</label>
|
<div class="config-div config-div-custom-css">
|
||||||
<textarea
|
<label for="config-style">Custom CSS:</label>
|
||||||
name="style"
|
<textarea
|
||||||
id="config-style"
|
name="style"
|
||||||
autocapitalize="off"
|
id="config-style"
|
||||||
autocomplete="off"
|
autocapitalize="off"
|
||||||
spellcheck="false"
|
autocomplete="off"
|
||||||
autocorrect="off"
|
spellcheck="false"
|
||||||
value="">
|
autocorrect="off"
|
||||||
{{ config.style }}
|
value="">
|
||||||
</textarea>
|
{{ config.style }}
|
||||||
</div>
|
</textarea>
|
||||||
<div class="config-div">
|
</div>
|
||||||
<input type="submit" id="config-load" value="Load">
|
<div class="config-div">
|
||||||
<input type="submit" id="config-submit" value="Apply">
|
<input type="submit" id="config-load" value="Load">
|
||||||
<input type="submit" id="config-save" value="Save As...">
|
<input type="submit" id="config-submit" value="Apply">
|
||||||
</div>
|
<input type="submit" id="config-save" value="Save As...">
|
||||||
</form>
|
</div>
|
||||||
</div>
|
</form>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
{% endif %}
|
||||||
|
</div>
|
||||||
<footer>
|
<footer>
|
||||||
<p style="color: {{ 'var(--whoogle-dark-text)' if config.dark else 'var(--whoogle-text)' }};">
|
<p style="color: {{ 'var(--whoogle-dark-text)' if config.dark else 'var(--whoogle-text)' }};">
|
||||||
Whoogle Search v{{ version_number }} ||
|
Whoogle Search v{{ version_number }} ||
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
from app import app
|
||||||
|
|
||||||
import json
|
import json
|
||||||
|
|
||||||
from test.conftest import demo_config
|
from test.conftest import demo_config
|
||||||
|
@ -52,6 +54,17 @@ def test_config(client):
|
||||||
assert rv._status_code == 200
|
assert rv._status_code == 200
|
||||||
assert custom_config.replace('&', '&') in str(rv.data)
|
assert custom_config.replace('&', '&') in str(rv.data)
|
||||||
|
|
||||||
|
# Test disabling changing config from client
|
||||||
|
app.config['CONFIG_DISABLE'] = 1
|
||||||
|
dark_mod = not demo_config['dark']
|
||||||
|
demo_config['dark'] = dark_mod
|
||||||
|
rv = client.post('/config', data=demo_config)
|
||||||
|
assert rv._status_code == 403
|
||||||
|
|
||||||
|
rv = client.get('/config')
|
||||||
|
config = json.loads(rv.data)
|
||||||
|
assert config['dark'] != dark_mod
|
||||||
|
|
||||||
|
|
||||||
def test_opensearch(client):
|
def test_opensearch(client):
|
||||||
rv = client.get('/opensearch.xml')
|
rv = client.get('/opensearch.xml')
|
||||||
|
|
|
@ -16,6 +16,7 @@
|
||||||
#WHOOGLE_CONFIG_COUNTRY=countryUK # See app/static/settings/countries.json for values
|
#WHOOGLE_CONFIG_COUNTRY=countryUK # See app/static/settings/countries.json for values
|
||||||
#WHOOGLE_CONFIG_LANGUAGE=lang_en # See app/static/settings/languages.json for values
|
#WHOOGLE_CONFIG_LANGUAGE=lang_en # See app/static/settings/languages.json for values
|
||||||
#WHOOGLE_CONFIG_SEARCH_LANGUAGE=lang_en # See app/static/settings/languages.json for values
|
#WHOOGLE_CONFIG_SEARCH_LANGUAGE=lang_en # See app/static/settings/languages.json for values
|
||||||
|
#WHOOGLE_CONFIG_DISABLE=1 # Disables changing of config from client
|
||||||
#WHOOGLE_CONFIG_DARK=1 # Dark mode
|
#WHOOGLE_CONFIG_DARK=1 # Dark mode
|
||||||
#WHOOGLE_CONFIG_SAFE=1 # Safe searches
|
#WHOOGLE_CONFIG_SAFE=1 # Safe searches
|
||||||
#WHOOGLE_CONFIG_ALTS=1 # Use social media site alternatives
|
#WHOOGLE_CONFIG_ALTS=1 # Use social media site alternatives
|
||||||
|
|
Loading…
Reference in New Issue