whoogle-search/app
Ben Busby 2a0ad8796c
Switch to defusedxml for xml parsing
xml.etree.ElementTree.fromstring is considered insecure, see:
https://docs.python.org/3/library/xml.etree.elementtree.html

The defusedxml package contains several Python-only workarounds and
fixes for denial of service and other vulnerabilities in Python's XML
libraries: https://github.com/tiran/defusedxml

Fixes #670
2022-03-01 12:54:32 -07:00
..
models Only remove G links in footer 2022-03-01 12:48:33 -07:00
static Use consistent header for all result types (#535) 2022-02-07 10:47:25 -07:00
templates Give `Accept-Language` div its own class (#659) 2022-02-16 09:23:38 -07:00
utils Add test for empty bang behavior 2022-03-01 12:13:40 -07:00
__init__.py Check for updates using 24 hour time delta 2022-02-14 12:19:02 -07:00
__main__.py Swap out Flask's default web server for Waitress (#32) 2020-05-12 17:14:55 -06:00
filter.py Only remove G links in footer 2022-03-01 12:48:33 -07:00
request.py Switch to defusedxml for xml parsing 2022-03-01 12:54:32 -07:00
routes.py Fallback to home page for empty bang searches 2022-03-01 12:06:59 -07:00