The arm/v7 builds have caused lots of problems due to the lack of
support from the cryptography library, and now issues related to
installing the latest version of cffi. As a result, this build variant
has been removed for now. It may or may not come back later, since the
amount of work just to figure out which library is broken and how to fix
it doesn't feel worth it anymore.
The redirects portion of the error page is only needed in scenarios
where the instance is rate limited, in which case the user's query is
provided to the error template. If this isn't provided, it should just
display the error and allow the user to redirect to the home page.
Fixes#1122
* Bump cryptography to 42.0.4
* Bump pyopenssl to 24.0.0
* Squashed commit of the following:
commit 2395bb7a6a
Author: Ben Busby <contact@benbusby.com>
Date: Wed Mar 6 09:35:48 2024 -0700
Remove version from DDG bangs url
Including the version portion of the URL now redirects to search results
for the name of the bang file, rather than returning the bang file
itself. Removing the version from the URL returns the correct bang file.
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Ben Busby <contact@benbusby.com>
Including the version portion of the URL now redirects to search results
for the name of the bang file, rather than returning the bang file
itself. Removing the version from the URL returns the correct bang file.
The error template previously only included the option to continue a
user's search via Farside (whoogle or searxng), and would only appear
when an instance was ratelimited. This has been updated to display
anytime an exception has occurred, and now includes other options for
continuing a search, such as Kagi, DDG, Brave, Ecosia, etc.
Closes#1099
- WHOOGLE_SHOW_FAVICONS: Default on, can be set to 0 to hide favicons
and skip the request for fetching them
- WHOOGLE_UPDATE_CHECK: Default on, can be set to 0 to disable the
daily check for new versions released on github
Closes#1098Closes#1059
The default unix socket permissions of 600 is too restrictive for many use
cases.
Added a new argument --unix-socket-perms which is passed to waitress to allow
for user configurable socket permissions
There are certain links (such as the age verification link mentioned in
issue #1083) that should trigger removal of the entire container div on
the results page, rather than just hiding the link itself.
This introduces a new `unsupported_g_divs` list that holds links that
will trigger a removal of the result div on the result page.
Fixes#1083
Since POST requests are now redirected to GET requests (with an
encrypted query string), POST searches are no longer the correct
approach to use for testing purposes.
This should fix the annoyance with browsers like Firefox not caching
POST request responses. By redirecting a POST search to be a GET request
instead (with an encrypted query string), the page can be cached and
successfully navigated back to after visiting a result.
DDG provides favicons using the url format
icons.duckduckgo.com/ip2/{site}.ico
This can be used to fetch favicons in the event that the default
"/favicon.ico" path does not work.
Scroller results (like the "latest from ___" or "top stories" results)
shouldn't have a site icon associated with them. This extracts the class
that those types of results have and skips over the process of inserting
an icon.
Audio controls are now always shown by default (mostly found in searches
that contain word pronunciation guides).
Site icons were moved to the left side of the results.
This improves the search result icon feature by "hiding" the site's icon
if one was not found. This happens in scenarios where a site doesn't
have a /favicon.ico due to having a unique path or using javascript to
load the icon.
This appends an icon element to each search result, using the result
domain's "/favicon.ico" path.
Note that some sites do not have a standard /favicon.ico, but have a
unique path to a specifically sized favicon instead. Worse still, some
sites use javascript to load their favicon, which would make it even
more difficult for Whoogle to figure out.
For now this approach is fine, but can be expanded upon in the future
if desired.
Domains were previously not validated before being handled, leading to a
potential scenario where someone could pass something like
"element_url=127.0.0.1:<port>/<resource>" to access other resources on a
machine running Whoogle. This change ensures that the resource used in
both endpoints is a valid domain.
This also includes validation of config names to prevent names from
including path values such as "../../(etc)".
When starting whoogle from another directory, the path to the calculator
widget was previously invalid. It now specifies the path relative to the widget
loader file.
The calculator was previously triggered for partial matches with words
like "calc", which meant searches containing the word "calcium" would
cause the calculator widget to appear.