whoogle-search/app
Ben Busby 32ad39d0e1
Refactor session behavior, remove `Flask-Session` dep
Sessions are no longer validated using the "/session/..." route. This
created a lot of problems due to buggy/unexpected behavior coming from
the Flask-Session dependency, which is (more or less) no longer
maintained.

Sessions are also no longer strictly server-side-only. The majority of
information that was being stored in user sessions was aesthetic only,
aside from the session specific key used to encrypt URLs. This key is
still unique per user, but is not (or shouldn't be) in anyone's threat
model to keep absolutely 100% private from everyone. Especially paranoid
users of Whoogle can easily modify the code to use a randomly generated
encryption key that is reset on session invalidation (and set
invalidation time to a short enough period for their liking).

Ultimately, this should result in much more stable sessions per client.
There shouldn't be decryption issues with element URLs or queries
during result page navigation.
2022-08-29 13:36:40 -06:00
..
models Refactor session behavior, remove `Flask-Session` dep 2022-08-29 13:36:40 -06:00
static Catch failure to restore adv search state 2022-08-03 17:59:08 -06:00
templates Add an "advanced search" toggle in result tabs 2022-08-03 17:55:26 -06:00
utils Include full path when determining proxy host url 2022-08-02 10:57:59 -06:00
__init__.py Refactor session behavior, remove `Flask-Session` dep 2022-08-29 13:36:40 -06:00
__main__.py Swap out Flask's default web server for Waitress (#32) 2020-05-12 17:14:55 -06:00
filter.py Remove google prefs link for mismatched language queries 2022-08-01 13:46:06 -06:00
request.py Fix typos [skip ci] (#813) 2022-07-13 10:08:44 -06:00
routes.py Refactor session behavior, remove `Flask-Session` dep 2022-08-29 13:36:40 -06:00