Commit Graph

3296 Commits

Author SHA1 Message Date
Markus Heiser bdf392093a build requirements: add a shell script static analysis tool
ShellCheck: https://github.com/koalaman/shellcheck

Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2020-01-08 18:09:36 +01:00
Adam Tauber 68abe6ff11
Merge pull request #1800 from Yetangitu/flickr_noapi_double_encode
[engines|fix] flickr_noapi: Fix double-encode error (fixes #1799)
2020-01-08 00:42:17 +00:00
frankdelange db9d7d47bd Fix double-encode error (fixes #1799) 2020-01-07 21:41:43 +01:00
Markus Heiser 22d05b3e59
Merge pull request #1791 from return42/add-docs
misc docs
2020-01-06 14:28:24 +00:00
Markus Heiser 86b5163641 docs: move wiki/Searx-instances from wiki to docs
fix project link in conf.py

Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2020-01-06 15:06:36 +01:00
Markus Heiser f521a279ac Merge branch 'master' of https://github.com/asciimoo/searx into add-docs 2020-01-06 14:32:34 +01:00
Markus Heiser 0f4f0e517e docs(user): move wiki/Searx-instances from wiki to docs
fixed some reST markups

Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2020-01-06 14:31:18 +01:00
Markus Heiser a3bbf95ad5
Merge pull request #1781 from finn0/bug/oscar-theme
Oscar: move info box at top of the page
2020-01-06 08:16:22 +00:00
Markus Heiser 1d86d0054f
Merge branch 'master' into bug/oscar-theme 2020-01-06 08:05:29 +00:00
Markus Heiser 3bb97fcb84 docs(user): public instances, fix Searxes@Danwin entry
fixes: https://github.com/asciimoo/searx/issues/1770

This is not Searx at all. This is Meta-Searx with other engines.

See https://github.com/asciimoo/searx/issues/1770#issuecomment-570776655

Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2020-01-05 10:02:42 +01:00
Markus Heiser 200c3a31f5 docs(user): move wiki/Searx-instances from wiki to docs (WIP)
Move wiki entry https://github.com/asciimoo/searx/wiki/Searx-instances
into user section of the docs (#1785).

links has been ported from markdown to reST by::

      regexpr:        \[([^\]]*)\]\(([^)]*)\)
      substitution:  `\1 <\2>`__

Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2020-01-04 18:26:04 +01:00
Markus Heiser 7347d9b508 docs(user): move wiki/Searx-instances from wiki to docs
Move wiki entry https://github.com/asciimoo/searx/wiki/Searx-instances
into user section of the docs (#1785).

Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2020-01-04 17:09:11 +01:00
Markus Heiser 51b9295b84 Merge branch 'master' of https://github.com/asciimoo/searx into add-docs 2020-01-03 14:30:53 +01:00
Adam Tauber 17b6faa4c3 [fix] pep8 2020-01-02 22:38:12 +01:00
Adam Tauber ad5bb994b1 [fix] add py3 compatibility 2020-01-02 22:30:18 +01:00
Adam Tauber 1e6253ce16 [fix] handle empty response 2020-01-02 22:29:55 +01:00
Adam Tauber 86a378bd01 [fix] handle missing thumbnail 2020-01-02 22:29:28 +01:00
Adam Tauber 2dc2e1e8f9 [fix] skip invalid encoded attributes 2020-01-02 22:29:10 +01:00
Adam Tauber 2292e6e130 [fix] handle missing result size 2020-01-02 22:28:47 +01:00
Adam Tauber a1b85571a2 [fix] tmp suspend insecure engines 2020-01-02 22:28:18 +01:00
Markus Heiser 2a7855854b
Merge pull request #1623 from ypid/fix/nginx-subdir-hosting
Fix Nginx subdir URL install docs which allowed download of settings.yml
2019-12-31 16:26:21 +01:00
Robin Schneider 3e5a3ee4e4
Let Nginx deliver static files directory in all examples 2019-12-31 14:43:14 +01:00
Robin Schneider 088337295a
Simply Nginx example by using alias directive for subdirectory URL
We explicitly specific the static directory here using alias to allow to
host from a other subdirectory than "searx" which just so happens to
match the source code directory.
2019-12-31 14:41:27 +01:00
Robin Schneider a1d9c81915
Fix Nginx subdir URL install docs which allowed download of settings.yml
Closes: #1617

There is an issue with the setup example in https://asciimoo.github.io/searx/dev/install/installation.html#installation for subdirectory URL deployments:

```nginx
root /usr/local/searx;

location = /searx { rewrite ^ /searx/; }
        try_files $uri @searx;
}
location @searx {
        uwsgi_param SCRIPT_NAME /searx;
        include uwsgi_params;
        uwsgi_modifier1 30;
        uwsgi_pass unix:/run/uwsgi/app/searx/socket;
}
```

`try_files` causes Nginx to search for files in the server root first. If it matches a file, it is returned. Only if no file matched, the request is passed to uwsgi. The worst consequence I can think of is that  `settings.yml` can be downloaded without authentication (where secrets and configuration details are stored).

To fix this, I propose:

```nginx
location = /searx {
        rewrite ^ /searx/;
}

location /searx/static {
}

location /searx {
        uwsgi_param SCRIPT_NAME /searx;
        include uwsgi_params;
        uwsgi_pass unix:/run/uwsgi/app/searx/socket;
}
```

And add

```
route-run = fixpathinfo:
```

to `/etc/uwsgi/apps-available/searx.ini` because `uwsgi_modifier1 30` is apparently deprecated. Ref: https://uwsgi-docs.readthedocs.io/en/latest/Changelog-2.0.11.html#fixpathinfo-routing-action

I assume this issue exists because some uwsgi upstream docs also use the `try_files` construct (at least I have seen this somewhere in the docs or somewhere else on the Internet but cannot find it right now again).

https://uwsgi-docs.readthedocs.io/en/latest/Nginx.html#hosting-multiple-apps-in-the-same-process-aka-managing-script-name-and-path-info also warns about this:

> If used incorrectly a configuration like this may cause security problems. For your sanity’s sake, double-triple-quadruple check that your application files, configuration files and any other sensitive files are outside of the root of the static files.
2019-12-31 14:24:27 +01:00
Markus Heiser f602cb8e4d docs(admin): moved settings description from wiki to docs
Move wiki entry https://github.com/asciimoo/searx/wiki/settings.yml
into admin section of the docs (#1785).

Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2019-12-30 21:56:09 +01:00
Markus Heiser f9be534b2a docs(dev): fix minor markup typos
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2019-12-30 21:55:15 +01:00
Markus Heiser 10997a01e0 docs(admin): add weight & disabled cols to engine table
BTW: remove internal suspend_end_time

Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2019-12-30 20:29:37 +01:00
Markus Heiser 754a10c1c1
Merge pull request #1661 from 0xhtml/fix-engine-spotify
Fix engine spotify

As you can read here https://developer.spotify.com/documentation/web-api/#authentication all requests to the spotify api require authentication. You can not test the api without credentials.
2019-12-30 07:44:31 +01:00
Markus Heiser 36e72a4619
Merge branch 'master' into fix-engine-spotify 2019-12-29 09:47:06 +01:00
Markus Heiser f6d66c0f6f
Merge pull request #1776 from return42/makefile-doc
doc: describe Makefile targets & add reST primer
2019-12-28 13:55:20 +01:00
Markus Heiser b91e07bbf1 docs(css): render HTML rst-example slightly more discreet
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2019-12-28 01:26:24 +01:00
Markus Heiser d1892b2112 docs(admin): add article 'Buildhosts' with system requirements
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2019-12-28 01:25:16 +01:00
Markus Heiser d6f2802e4b docs(dev): add more markups to reST primer
- Literal blocks
- Unicode substitution
- Horizontal list
- Math equations

Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2019-12-28 01:01:11 +01:00
Markus Heiser 92afe68d65 doc(dev): reST/sphinx add tabbed views extension (sphinx_tabs.tabs)
See issue #1785:

  idea: in the doc, provide installation instructions with one tab per
  distrubution

preview (don't bookmark):

  https://return42.github.io/searx/dev/reST.html#tabbed-views

Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2019-12-26 10:26:12 +01:00
Markus Heiser 62505f8982 docs(dev): add refs to to gitmoji and Semantic PR in contrib section
preview (don't bookmark):

  https://return42.github.io/searx/dev/contribution_guide.html#code

Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2019-12-25 09:57:21 +01:00
Mathieu Brunot 359c18f9e6
Merge branch 'master' into docker/opencontainers 2019-12-24 21:38:07 +01:00
Markus Heiser 4ca8b69c81 doc(dev): add remarks about creating good commits (messages)
preview (don't bookmark):

  https://return42.github.io/searx/dev/contribution_guide.html#code

Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2019-12-24 18:48:23 +01:00
Markus Heiser 5eb8cf4ebb Merge branch 'master' of https://github.com/asciimoo/searx into makefile-doc 2019-12-24 18:00:24 +01:00
Markus Heiser a52a638ba8
Merge pull request #1701 from CaffeinatedTech/patch-1
Update README.rst

for the future: please select meaningful commit messages. Here is a good summarize how a useful commit messages looks like: https://www.conventionalcommits.org/en/v1.0.0-beta.2/#summary

Further read: https://wiki.openstack.org/wiki/GitCommitMessages#Information_in_commit_messages
2019-12-24 17:56:24 +01:00
Markus Heiser ecb054a7a0
Merge branch 'master' into patch-1 2019-12-24 17:45:13 +01:00
Markus Heiser 5a0a66e9bc
Merge pull request #1615 from Nachtalb/ne/fix-infinite_scroll-with-vim_bindings
Fix not jumping to results loaded by infinite scroll
2019-12-24 17:34:33 +01:00
Markus Heiser 38dad2e8e3
Merge branch 'master' into ne/fix-infinite_scroll-with-vim_bindings 2019-12-24 15:42:05 +01:00
Markus Heiser a395fb4a8d
Merge pull request #1694 from finn0/libgen
Fix broken Library Gensis Engine
2019-12-24 13:37:29 +01:00
Markus Heiser fb668e2075
Merge branch 'master' into libgen 2019-12-24 13:33:07 +01:00
Markus Heiser 46dd51afad
Merge branch 'master' into makefile-doc 2019-12-24 12:27:36 +01:00
Markus Heiser 6d232e9b69
Merge pull request #1787 from finn0/fix/infobox
[Fix] oscar: no HTML escaping prior to output
2019-12-24 11:37:33 +01:00
Vipul 8bea927bb0 [Fix] oscar: no HTML escaping prior to output
When results are fetched from any programming related documentation site
(like git-scm.com, docs.python.org etc), content in Info box is shown as
raw HTML code.

This change addresses the issue by using "safe" filter feature provided by
Django. See,
  - https://docs.djangoproject.com/en/3.0/ref/templates/builtins/#safe
  - Searx issue tracker (issue #1649), for more information.

Resolves: #1649
2019-12-24 15:11:48 +05:30
Markus Heiser 70f7142824
Merge branch 'master' into bug/oscar-theme 2019-12-23 18:47:23 +01:00
Markus Heiser 07c8ca87e6
Merge branch 'master' into makefile-doc 2019-12-23 13:58:53 +00:00
Markus Heiser 3e14bf4d27
Merge pull request #1686 from MarcAbonce/wiki_infobox_fixes
Infobox fixes
2019-12-23 12:31:31 +00:00