[fix] client/simple: insecure ctx clipboard copy

Uses the deprecated [`execCommand()`](https://developer.mozilla.org/en-US/docs/Web/API/Document/execCommand) to copy content to clipboard if accessing the instance through HTTP, this method isn't going away soon. Closes https://github.com/searxng/searxng/issues/5359
2025-12-22 19:50:00 +00:00 · 2025-10-24 11:28:07 +02:00
parent b770a46e1f
commit 8dacbbbb15
5 changed files with 59 additions and 22 deletions
--- a/searx/templates/simple/elements/search_url.html
+++ b/searx/templates/simple/elements/search_url.html
@@ -1,7 +1,7 @@
 <div id="search_url" role="complementary" aria-labelledby="search_url-title">
  <details class="sidebar-collapsible">
    <summary class="title" id="search_url-title">{{ _('Search URL') }}</summary>
-    <button id="copy_url" type="submit" data-copied-text="{{ _('Copied') }}">{{ _('Copy') }}</button>
+    <button id="copy_url" type="button" class="button" data-copied-text="{{ _('Copied') }}">{{ _('Copy') }}</button>
    <div class="selectable_url">
      <pre>{{ url_for('search', _external=True) }}?q={{ q|urlencode }}&amp;language={{ current_language }}&amp;time_range={{ time_range }}&amp;safesearch={{ safesearch }}
        {%- if pageno > 1 -%}
--- a/searx/templates/simple/preferences/cookies.html
+++ b/searx/templates/simple/preferences/cookies.html
@@ -51,7 +51,7 @@
      {{- preferences_url_params|e }}
    </pre>{{- '' -}}
  </div>
-  <button id="copy-hash" class="button" data-hash="{{- preferences_url_params|e -}}" data-copied-text="{{- _('Copied') -}}">{{- _('Copy') -}}</button>
+  <button id="copy-hash" type="button" class="button" data-hash="{{- preferences_url_params|e -}}" data-copied-text="{{- _('Copied') -}}">{{- _('Copy') -}}</button>
 </div>
 <h4>
  {{- _('Insert copied preferences hash (without URL) to restore') -}}:{{- '' -}}