mirror of
https://github.com/searxng/searxng.git
synced 2024-11-05 04:40:11 +01:00
b8c7c2c9aa
- counting requests in LONG_WINDOW and BURST_WINDOW is not needed when the request is validated by the link_token method [1] - renew a ping-key on validation [2], this is needed for infinite scrolling, where no new token (CSS) is loaded. / this does not fix the BURST_MAX issue in the vanilla limiter - normalize the counter names of the ip_limit method to 'ip_limit.*' - just integrate the ip_limit method straight forward in the limiter plugin / non intermediate code --> ip_limit now returns None or a werkzeug.Response object that can be passed by the plugin to the flask application / non intermediate code that returns a tuple [1] https://github.com/searxng/searxng/pull/2357#issuecomment-1566113277 [2] https://github.com/searxng/searxng/pull/2357#discussion_r1208542206 [3] https://github.com/searxng/searxng/pull/2357#issuecomment-1566125979 Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
32 lines
991 B
Python
32 lines
991 B
Python
# SPDX-License-Identifier: AGPL-3.0-or-later
|
|
# lint: pylint
|
|
"""
|
|
Method ``http_accept_encoding``
|
|
-------------------------------
|
|
|
|
The ``http_accept_encoding`` method evaluates a request as the request of a
|
|
bot if the Accept-Encoding_ header ..
|
|
|
|
- did not contain ``gzip`` AND ``deflate`` (if both values are missed)
|
|
- did not contain ``text/html``
|
|
|
|
.. _Accept-Encoding:
|
|
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Accept-Encoding
|
|
|
|
"""
|
|
# pylint: disable=unused-argument
|
|
|
|
from typing import Optional
|
|
import flask
|
|
import werkzeug
|
|
|
|
from searx.tools import config
|
|
from ._helpers import too_many_requests
|
|
|
|
|
|
def filter_request(request: flask.Request, cfg: config.Config) -> Optional[werkzeug.Response]:
|
|
accept_list = [l.strip() for l in request.headers.get('Accept-Encoding', '').split(',')]
|
|
if not ('gzip' in accept_list or 'deflate' in accept_list):
|
|
return too_many_requests(request, "HTTP header Accept-Encoding did not contain gzip nor deflate")
|
|
return None
|