searx

mirror of https://github.com/searx/searx synced 2025-03-13 10:00:17 +01:00

Go to file

Alex Balgavy 6b59800dc6 Fix security vulnerabilities in suggested nginx configuration

The suggested configurations for nginx found in the documentation and
templates lead to vulnerabilities allowing host spoofing [1] and path
traversal [2], as reported by Gixy [3]. This commit fixes those issues.

[1] https://github.com/yandex/gixy/blob/master/docs/en/plugins/hostspoofing.md
[2] https://github.com/yandex/gixy/blob/master/docs/en/plugins/aliastraversal.md
[3] https://github.com/yandex/gixy

2021-03-03 12:34:22 +01:00

.github

data-update.yml: on PR per file

2021-02-25 08:41:17 +01:00

dockerfiles

[enh] add searx.shared

2021-01-12 11:47:17 +01:00

docs

Fix security vulnerabilities in suggested nginx configuration

2021-03-03 12:34:22 +01:00

examples

Fix whitespaces

2016-07-11 18:52:37 +07:00

searx

[enh] google scholar - python implementation of the engine

2021-03-01 15:16:37 +01:00

tests

[mod] add utils/fetch_external_bangs.py

2021-02-24 18:48:36 +01:00

utils

Fix security vulnerabilities in suggested nginx configuration

2021-03-03 12:34:22 +01:00

.codecov.yml

codecov : update the commit status

2017-09-28 19:43:58 +02:00

.config.sh

[mod] utils/searx.sh install: create branch if not already exists

2020-12-23 16:06:06 +01:00

.coveragerc

[mod] use github actions instead of travis

2020-11-17 15:09:06 +01:00

.dir-locals.el

[mod] remove obsolete virtualenv command

2020-12-18 22:31:13 +01:00

.dockerignore

[enh] update documentation about docker

2020-07-22 14:58:04 +02:00

.gitattributes

[enh] add simple theme (WIP)

2017-08-06 16:04:21 +02:00

.gitignore

[enh] Add onions category with Ahmia, Not Evil and Torch

2020-10-25 17:59:05 -07:00

.landscape.yaml

Add landscape.io configuration

2014-07-09 22:49:38 +02:00

.pylintrc

[mod] pylint: add extension-pkg-whitelist=lxml.etree

2020-11-02 15:55:19 +01:00

AUTHORS.rst

Updated webutils.highlight_content to ignore double-quotes when highlighting query parts

2021-02-08 23:58:54 -05:00

babel.cfg

[enh] babel.cfg added

2014-01-22 00:15:42 +01:00

CHANGELOG.rst

prepare release 0.18.0

2020-12-14 19:03:09 +01:00

CONTRIBUTING.md

[mod] documentations & comments: update http://* URL to https://*.

2020-12-04 16:52:25 +01:00

Dockerfile

[enh] add checker

2021-01-12 11:47:17 +01:00

LICENSE

[fix] full AGPLv3+ license according to #382

2015-07-04 18:23:54 +02:00

Makefile

[enh] google scholar - python implementation of the engine

2021-03-01 15:16:37 +01:00

manage.sh

[mod] get rid of searx/brand.py

2021-01-11 22:12:38 +01:00

PULL_REQUEST_TEMPLATE.md

Add PR template and contribution guidelines

2020-07-10 17:10:02 +02:00

README.rst

[fix] migration from github.com/asciimoo/searx to github.com/searx/searx : fix URLs

2020-09-28 16:44:14 +02:00

requirements-dev.txt

Bump pylint from 2.6.2 to 2.7.2

2021-03-02 09:07:11 +00:00

requirements.txt

Bump pyyaml from 5.3.1 to 5.4.1

2021-02-16 17:59:36 +00:00

setup.py

[enh] checker: background check

2021-01-12 11:47:17 +01:00

tox.ini

[enh] tox.ini added to rewrite standard pep8 rules

2015-01-02 12:26:21 +01:00

README.rst

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

.. SPDX-License-Identifier: AGPL-3.0-or-later

.. figure:: https://raw.githubusercontent.com/searx/searx/master/searx/static/themes/oscar/img/logo_searx_a.png
   :target: https://searx.github.io/searx/
   :alt: searX
   :width: 100%
   :align: center

-------

|searx install|
|searx homepage|
|searx wiki|
|AGPL License|
|Issues|
|commits|
|OpenCollective searx backers|
|OpenCollective searx sponsors|

Privacy-respecting, hackable `metasearch engine`_ / *pronunciation* **səːks**.

.. _metasearch engine: https://en.wikipedia.org/wiki/Metasearch_engine

.. |searx install| image:: https://img.shields.io/badge/-install-blue
   :target: https://searx.github.io/searx/admin/installation.html

.. |searx homepage| image:: https://img.shields.io/badge/-homepage-blue
   :target: https://searx.github.io/searx

.. |searx wiki| image:: https://img.shields.io/badge/-wiki-blue
   :target: https://github.com/searx/searx/wiki

.. |AGPL License|  image:: https://img.shields.io/badge/license-AGPL-blue.svg
   :target: https://github.com/searx/searx/blob/master/LICENSE

.. |Issues| image:: https://img.shields.io/github/issues/searx/searx?color=yellow&label=issues
   :target: https://github.com/searx/searx/issues

.. |PR| image:: https://img.shields.io/github/issues-pr-raw/searx/searx?color=yellow&label=PR
   :target: https://github.com/searx/searx/pulls

.. |commits| image:: https://img.shields.io/github/commit-activity/y/searx/searx?color=yellow&label=commits
   :target: https://github.com/searx/searx/commits/master

.. |OpenCollective searx backers| image:: https://opencollective.com/searx/backers/badge.svg
   :target: https://opencollective.com/searx#backer

.. |OpenCollective searx sponsors| image:: https://opencollective.com/searx/sponsors/badge.svg
   :target: https://opencollective.com/searx#sponsor


If you are looking for running instances, ready to use, then visit searx.space_.

Otherwise jump to the user_, admin_ and developer_ handbooks you will find on
our homepage_.

.. _searx.space: https://searx.space
.. _user: https://searx.github.io/searx/user
.. _admin: https://searx.github.io/searx/admin
.. _developer: https://searx.github.io/searx/dev
.. _homepage: https://searx.github.io/searx

contact:
  openhub_ // twitter_ // IRC: #searx @ freenode

.. _openhub: https://www.openhub.net/p/searx
.. _twitter: https://twitter.com/Searx_engine

-------

|gluten free|

.. |gluten free| image:: https://forthebadge.com/images/featured/featured-gluten-free.svg

Languages

Python 52.9%

CSS 11.7%

JavaScript 10.2%

Shell 10.2%

HTML 8.8%

Other 6.2%

README.rst Unescape Escape

README.rst