Use X-Forwarded-Host as url_root when present (#799)
If Whoogle is accessed on a non-standard port _and_ proxied, this port is lost to the application and `element['src']`s are incorrectly formed (omitting port). HTTP x-Forwarded-Host will contain this front port number in a typical Nginx reverse proxy configuration.main
parent
c1d9373d55
commit
ee2d3726af
|
@ -15,6 +15,7 @@ from app.models.config import Config
|
|||
from app.models.endpoint import Endpoint
|
||||
from app.request import Request, TorError
|
||||
from app.utils.bangs import resolve_bang
|
||||
from app.utils.misc import get_proxy_host_url
|
||||
from app.filter import Filter
|
||||
from app.utils.misc import read_config_bool, get_client_ip, get_request_url, \
|
||||
check_for_update
|
||||
|
@ -144,10 +145,13 @@ def before_request_func():
|
|||
if (not Endpoint.autocomplete.in_path(request.path) and
|
||||
not Endpoint.healthz.in_path(request.path) and
|
||||
not Endpoint.opensearch.in_path(request.path)):
|
||||
# reconstruct url if X-Forwarded-Host header present
|
||||
request_url = get_proxy_host_url(request,
|
||||
get_request_url(request.url))
|
||||
return redirect(url_for(
|
||||
'session_check',
|
||||
session_id=session['uuid'],
|
||||
follow=get_request_url(request.url)), code=307)
|
||||
follow=request_url), code=307)
|
||||
else:
|
||||
g.user_config = Config(**session['config'])
|
||||
elif 'cookies_disabled' not in request.args:
|
||||
|
|
|
@ -35,6 +35,15 @@ def get_request_url(url: str) -> str:
|
|||
return url
|
||||
|
||||
|
||||
def get_proxy_host_url(r: Request, default: str) -> str:
|
||||
scheme = r.headers.get('X-Forwarded-Proto', 'http')
|
||||
http_host = r.headers.get('X-Forwarded-Host')
|
||||
if http_host:
|
||||
return f'{scheme}://{http_host}/'
|
||||
|
||||
return default
|
||||
|
||||
|
||||
def check_for_update(version_url: str, current: str) -> int:
|
||||
# Check for the latest version of Whoogle
|
||||
try:
|
||||
|
|
|
@ -4,6 +4,7 @@ from typing import Any
|
|||
|
||||
from app.filter import Filter
|
||||
from app.request import gen_query
|
||||
from app.utils.misc import get_proxy_host_url
|
||||
from app.utils.results import get_first_link
|
||||
from bs4 import BeautifulSoup as bsoup
|
||||
from cryptography.fernet import Fernet, InvalidToken
|
||||
|
@ -115,9 +116,11 @@ class Search:
|
|||
|
||||
"""
|
||||
mobile = 'Android' in self.user_agent or 'iPhone' in self.user_agent
|
||||
# reconstruct url if X-Forwarded-Host header present
|
||||
root_url = get_proxy_host_url(self.request, self.request.url_root)
|
||||
|
||||
content_filter = Filter(self.session_key,
|
||||
root_url=self.request.url_root,
|
||||
root_url=root_url,
|
||||
mobile=mobile,
|
||||
config=self.config,
|
||||
query=self.query)
|
||||
|
|
Loading…
Reference in New Issue