searxng

mirror of https://github.com/searxng/searxng synced 2024-01-01 19:24:07 +01:00

History

Markus Heiser 08ef986e58 [POC] limiter: change PING of link_token mehtod from CSS to <img> while PR #2357 [1] was being implemented the question came up: would be better to change the PING resource from CSS to an image so that some terminal based browser may still able to pass the test [1] This patch implements a POC in where a <img src=token> tag is loaded instaed a CSS. To test this patch activate limiter and link_token method [3] and start a developer instance:: make run In your terminal browser open http://127.0.0.1:8888/search?q=foo If the browser is suitable for the link_token method, it loads the image and the following messages appear:: DEBUG searx.botdetection.limiter : OK 127.0.0.1/32: /clientft61aak7fzyu6o6v.svg ... DEBUG searx.botdetection.link_token : token is valid --> True DEBUG searx.botdetection.link_token : store ping_key for (client) network 127.0.0.1/32 (IP 127.0.0.1) -> SearXNG_limiter.ping[...] Browsers that do not load images will be blocked: If you try by example:: lynx http://127.0.0.1:8888/search?q=foo you will see a WARNING message like:: WARNING searx.botdetection.link_token : missing ping (IP: 127.0.0.1/32) / request: SearXNG_limiter.ping[...] Modern terminal WEB browser do support `<img>` tag as well as CSS: browsh http://127.0.0.1:8888/search?q=foo ---- [1] `80aaef6c95` [2] https://github.com/searxng/searxng/pull/2357#issuecomment-1574898834 [3] activate limiter and link_token method ```diff diff --git a/searx/botdetection/limiter.toml b/searx/botdetection/limiter.toml index 71a231e8f..7e1dba755 100644 --- a/searx/botdetection/limiter.toml +++ b/searx/botdetection/limiter.toml @@ -17,6 +17,6 @@ ipv6_prefix = 48 filter_link_local = false # acrivate link_token method in the ip_limit method -link_token = false +link_token = true diff --git a/searx/settings.yml b/searx/settings.yml index a82a3432d..e7b983afc 100644 --- a/searx/settings.yml +++ b/searx/settings.yml @@ -73,7 +73,7 @@ server: # public URL of the instance, to ensure correct inbound links. Is overwritten # by ${SEARXNG_URL}. base_url: false # "http://example.com/location" - limiter: false # rate limit the number of request on the instance, block some bots + limiter: true # rate limit the number of request on the instance, block some bots # If your instance owns a /etc/searxng/settings.yml file, then set the following # values there. ``` Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>	2024-11-01 13:39:35 +01:00
..
simple	[POC] limiter: change PING of link_token mehtod from CSS to <img>	2024-11-01 13:39:35 +01:00

Markus Heiser 08ef986e58 [POC] limiter: change PING of link_token mehtod from CSS to <img>

while PR #2357 [1] was being implemented the question came up:

    would be better to change the PING resource from CSS to an image so that
    some terminal based browser may still able to pass the test [1]

This patch implements a POC in where a <img src=token> tag is loaded instaed a
CSS.

To test this patch activate limiter and link_token method [3] and start a
developer instance::

    make run

In your terminal browser open http://127.0.0.1:8888/search?q=foo

If the browser is suitable for the link_token method, it loads the image and the
following messages appear::

    DEBUG   searx.botdetection.limiter    : OK 127.0.0.1/32: /clientft61aak7fzyu6o6v.svg ...
    DEBUG   searx.botdetection.link_token : token is valid --> True
    DEBUG   searx.botdetection.link_token : store ping_key for (client) network 127.0.0.1/32 (IP 127.0.0.1) -> SearXNG_limiter.ping[...]

Browsers that do not load images will be blocked: If you try by example::

    lynx http://127.0.0.1:8888/search?q=foo

you will see a WARNING message like::

    WARNING searx.botdetection.link_token : missing ping (IP: 127.0.0.1/32) / request: SearXNG_limiter.ping[...]

Modern terminal WEB browser do support `<img>` tag as well as CSS:

    browsh http://127.0.0.1:8888/search?q=foo

----

[1] 80aaef6c95
[2] https://github.com/searxng/searxng/pull/2357#issuecomment-1574898834
[3] activate limiter and link_token method

```diff
diff --git a/searx/botdetection/limiter.toml b/searx/botdetection/limiter.toml
index 71a231e8f..7e1dba755 100644
--- a/searx/botdetection/limiter.toml
+++ b/searx/botdetection/limiter.toml
@@ -17,6 +17,6 @@ ipv6_prefix = 48
 filter_link_local = false

 # acrivate link_token method in the ip_limit method
-link_token = false
+link_token = true

diff --git a/searx/settings.yml b/searx/settings.yml
index a82a3432d..e7b983afc 100644
--- a/searx/settings.yml
+++ b/searx/settings.yml
@@ -73,7 +73,7 @@ server:
   # public URL of the instance, to ensure correct inbound links. Is overwritten
   # by ${SEARXNG_URL}.
   base_url: false  # "http://example.com/location"
-  limiter: false  # rate limit the number of request on the instance, block some bots
+  limiter: true  # rate limit the number of request on the instance, block some bots

   # If your instance owns a /etc/searxng/settings.yml file, then set the following
   # values there.
```

Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>

2024-11-01 13:39:35 +01:00

simple [POC] limiter: change PING of link_token mehtod from CSS to <img> 2024-11-01 13:39:35 +01:00