fix: docker shit, wikipedia vuln pointed out via email by Yufan You (merge pull request #9 from codedipper/main)

2023-08-17 23:59:48 +02:00 · 2023-08-17 23:59:48 +02:00 · be59098abd
parent 91ecdf64c2 d0b9411ad3
commit be59098abd
8 changed files with 35 additions and 3 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -14,6 +14,8 @@ services:
      - CONFIG_GOOGLE_DOMAIN=com
      - CONFIG_GOOGLE_LANGUAGE_SITE=en
      - CONFIG_GOOGLE_LANGUAGE_RESULTS=en
+      - CONFIG_TEXT_SEARCH_ENGINE=google
+      - CONFIG_INSTANCE_FALLBACK=true
      - CONFIG_WIKIPEDIA_LANGUAGE=en
    volumes:
      - ./nginx_logs:/var/log/nginx
--- a/docker/README.md
+++ b/docker/README.md
@ -10,6 +10,7 @@
    - [Search Config](#search-config)
    - [Wikipedia](#wikipedia)
    - [Applications](#applications)
+    - [Engines](#engines)
    - [Curl](#curl)
 - [Docker version issues](#docker-version-issues)
 - [Building a docker image](#building-a-docker-image)
@ -87,6 +88,8 @@ This docker image was developed with high configurability in mind, so here is th
 |:----------|:-------------|:---------|:------|
 | CONFIG_GOOGLE_DOMAIN |  "com" | "com", "com.br", "com.es" | Defines which Google domain the search will be done, change according to your country |
 | CONFIG_GOOGLE_LANGUAGE | "en" | "pt", "es", "ru" | Defines the language in which searches will be done, see the list of supported languages [here](https://developers.google.com/custom-search/docs/ref_languages). |
+| CONFIG_GOOGLE_NUMBER_OF_RESULTS | "10" | "10", "20", "30" | Number of results for Google to return each page. |
+| CONFIG_INSTANCE_FALLBACK | true | boolean | Choose whether or not to use the API on the backend to request to another LibreX/Y instance in case of rate limiting. |
 | CONFIG_INVIDIOUS_INSTANCE | "https://invidious.namazso.eu" | string | Defines the host that will be used to do video searches using invidious |
 | CONFIG_HIDDEN_SERVICE_SEARCH | false | boolean | Defines whether safesearch will be enabled or disabled |
 | CONFIG_DISABLE_BITTORRENT_SEARCH | false | boolean | Defines whether bittorrent support will be enabled or disabled |
@ -102,6 +105,13 @@ This docker image was developed with high configurability in mind, so here is th

 <br>

+### Engines
+| Variables | Default | Examples | Description |
+|:----------|:-------------|:---------|:------|
+| CONFIG_TEXT_SEARCH_ENGINE | "google" | "google", "duckduckgo" | Change your text search engine. |
+
+<br>
+
 ### Applications

 | Variables | Default | Examples | Description |
@ -129,6 +139,7 @@ This docker image was developed with high configurability in mind, so here is th
 |:----------|:-------------|:---------|:------|
 | CURLOPT_PROXY_ENABLED | false | boolean | If you want to use a proxy, you need to set this variable to true. |
 | CURLOPT_PROXY | "" | "127.0.0.1:8080" | Set the proxy using the ip and port to be used |
+| CURLOPT_PROXYTYPE | "CURLPROXY_HTTP" | "CURLPROXY_SOCKS4A" "CURLPROXY_SOCKS5" "CURLPROXY_SOCKS5_HOSTNAME" | Set the type of proxy connection (if you enabled it). |
 | CURLOPT_RETURNTRANSFER | true | boolean | **TODO** |
 | CURLOPT_ENCODING | "" | string | Defines the encode that curl should use to display the texts correctly |
 | CURLOPT_USERAGENT | "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36" | string | This variable defines the 'User-Agent' that curl will use to attempt to avoid being blocked |
--- a/docker/attributes.sh
+++ b/docker/attributes.sh
@ -22,6 +22,8 @@ export OPEN_SEARCH_HOST=${OPEN_SEARCH_HOST:-"127.0.0.1"}
 export CONFIG_GOOGLE_DOMAIN="${CONFIG_GOOGLE_DOMAIN:-"com"}"
 export CONFIG_GOOGLE_LANGUAGE_SITE="${CONFIG_GOOGLE_LANGUAGE_SITE:-"en"}"
 export CONFIG_GOOGLE_LANGUAGE_RESULTS="${CONFIG_GOOGLE_LANGUAGE_RESULTS:-"en"}"
+export CONFIG_GOOGLE_NUMBER_OF_RESULTS="${CONFIG_GOOGLE_NUMBER_OF_RESULTS:-"10"}"
+export CONFIG_INSTANCE_FALLBACK="${CONFIG_INSTANCE_FALLBACK}:-true}
 export CONFIG_INVIDIOUS_INSTANCE="${CONFIG_INVIDIOUS_INSTANCE:-"invidious.snopyta.org"}"
 export CONFIG_HIDDEN_SERVICE_SEARCH=${CONFIG_HIDDEN_SERVICE_SEARCH:-false}
 export CONFIG_DISABLE_BITTORRENT_SEARCH=${CONFIG_DISABLE_BITTORRENT_SEARCH:-false}
@ -48,10 +50,13 @@ export APP_ANONYMOUS_OVERFLOW=${APP_ANONYMOUS_OVERFLOW:-""}
 export APP_SUDS=${APP_SUDS:-""}
 export APP_BIBLIOREADS=${APP_BIBLIOREADS:-""}

+export CONFIG_TEXT_SEARCH_ENGINE=${CONFIG_TEXT_SEARCH_ENGINE:-"google"}
+
 # GNU/Curl configurations. Leave 'CURLOPT_PROXY' blank whether you don't need to use a proxy for requests
 # Generally, a proxy is needed when your IP address is blocked by search engines in response to multiple requests within a short time frame. In these cases, it is recommended to use rotating proxies
 export CURLOPT_PROXY_ENABLED=${CURLOPT_PROXY_ENABLED:-false}
 export CURLOPT_PROXY=${CURLOPT_PROXY:-""}
+export CURLOPT_PROXYTYPE=${CURLOPT_PROXYTYPE:-"CURLPROXY_HTTP"}
 export CURLOPT_RETURNTRANSFER=${CURLOPT_RETURNTRANSFER:-true}
 export CURLOPT_ENCODING=${CURLOPT_ENCODING:-""}
 export CURLOPT_USERAGENT="${CURLOPT_USERAGENT:-"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"}"
--- a/docker/php/config.php
+++ b/docker/php/config.php
@ -3,6 +3,7 @@
        "google_domain" => "${CONFIG_GOOGLE_DOMAIN}",
        "google_language_site" => "${CONFIG_GOOGLE_LANGUAGE_SITE}",
        "google_language_results" => "${CONFIG_GOOGLE_LANGUAGE_RESULTS}",
+        "google_number_of_results" => "${CONFIG_GOOGLE_NUMBER_OF_RESULTS}",

        "wikipedia_language" => "${CONFIG_WIKIPEDIA_LANGUAGE}",
        "invidious_instance_for_video_results" => "${CONFIG_INVIDIOUS_INSTANCE}",
@ -10,6 +11,7 @@
        "disable_bittorent_search" => ${CONFIG_DISABLE_BITTORRENT_SEARCH},
        "bittorent_trackers" => "${CONFIG_BITTORRENT_TRACKERS}",
        "disable_hidden_service_search" => ${CONFIG_HIDDEN_SERVICE_SEARCH},
+        "instance_fallback" => ${CONFIG_INSTANCE_FALLBACK},

        "frontends" => array(
            "invidious" => array(
@ -99,9 +101,13 @@
            )
        ),

+        "preferred_engines" => array(
+            "text" => "${CONFIG_TEXT_SEARCH_ENGINE}"
+        ),
+
        "curl_settings" => array(
            CURLOPT_PROXY => "${CURLOPT_PROXY}",
-            CURLOPT_PROXYTYPE => CURLPROXY_HTTP,
+            CURLOPT_PROXYTYPE => "${CURLOPT_PROXYTYPE}",
            CURLOPT_RETURNTRANSFER => ${CURLOPT_RETURNTRANSFER},
            CURLOPT_ENCODING => "${CURLOPT_ENCODING}",
            CURLOPT_USERAGENT => "${CURLOPT_USERAGENT}",
--- a/docker/php/php.dockerfile
+++ b/docker/php/php.dockerfile
@ -14,6 +14,8 @@ ENV OPEN_SEARCH_HOST="http://127.0.0.1:${NGINX_PORT}"
 ENV CONFIG_GOOGLE_DOMAIN="com"
 ENV CONFIG_GOOGLE_LANGUAGE_SITE="en"
 ENV CONFIG_GOOGLE_LANGUAGE_RESULTS="en"
+ENV CONFIG_GOOGLE_NUMBER_OF_RESULTS="10"
+ENV CONFIG_INSTANCE_FALLBACK=true
 ENV CONFIG_INVIDIOUS_INSTANCE="https://invidious.snopyta.org"
 ENV CONFIG_HIDDEN_SERVICE_SEARCH=false
 ENV CONFIG_DISABLE_BITTORRENT_SEARCH=false
@ -36,11 +38,14 @@ ENV APP_ANONYMOUS_OVERFLOW=""
 ENV APP_SUDS=""
 ENV APP_BIBLIOREADS=""

+# Preferred search engines.
+ENV CONFIG_TEXT_SEARCH_ENGINE="google"

 # GNU/Curl configurations. Leave 'CURLOPT_PROXY' blank whether you don't need to use a proxy for requests
 # Generally, a proxy is needed when your IP address is blocked by search engines in response to multiple requests within a short time frame. In these cases, it is recommended to use rotating proxies
 ENV CURLOPT_PROXY_ENABLED=false
 ENV CURLOPT_PROXY=""
+ENV CURLOPT_PROXYTYPE="CURLPROXY_HTTP"
 ENV CURLOPT_RETURNTRANSFER=true
 ENV CURLOPT_ENCODING=""
 ENV CURLOPT_USERAGENT="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"
--- a/engines/duckduckgo/text.php
+++ b/engines/duckduckgo/text.php
@ -54,7 +54,8 @@
                    break;
                case 7:
                    $wikipedia_language = isset($_COOKIE["wikipedia_language"]) ? trim(htmlspecialchars($_COOKIE["wikipedia_language"])) : $config->wikipedia_language;
-                    $url = "https://$wikipedia_language.wikipedia.org/w/api.php?format=json&action=query&prop=extracts%7Cpageimages&exintro&explaintext&redirects=1&pithumbsize=500&titles=$query_encoded";
+                    if (in_array($wikipedia_language, json_decode(file_get_contents("static/misc/wikipedia_langs.json"), true)))
+                        $url = "https://$wikipedia_language.wikipedia.org/w/api.php?format=json&action=query&prop=extracts%7Cpageimages&exintro&explaintext&redirects=1&pithumbsize=500&titles=$query_encoded";
                    break;
            }
            
--- a/engines/google/text.php
+++ b/engines/google/text.php
@ -54,7 +54,8 @@
                    break;
                case 7:
                    $wikipedia_language = isset($_COOKIE["wikipedia_language"]) ? trim(htmlspecialchars($_COOKIE["wikipedia_language"])) : $config->wikipedia_language;
-                    $url = "https://$wikipedia_language.wikipedia.org/w/api.php?format=json&action=query&prop=extracts%7Cpageimages&exintro&explaintext&redirects=1&pithumbsize=500&titles=$query_encoded";
+                    if (in_array($wikipedia_language, json_decode(file_get_contents("static/misc/wikipedia_langs.json"), true)))
+                        $url = "https://$wikipedia_language.wikipedia.org/w/api.php?format=json&action=query&prop=extracts%7Cpageimages&exintro&explaintext&redirects=1&pithumbsize=500&titles=$query_encoded";
                    break;
            }

--- a/static/misc/wikipedia_langs.json
+++ b/static/misc/wikipedia_langs.json
@ -0,0 +1 @@
+["ab","ace","ady","af","ak","als","am","an","ang","ar","arc","ary","arz","as","ast","atj","av","avk","awa","ay","az","azb","ba","ban","bar","bat-smg","bcl","be","be-tarask","bg","bh","bi","bjn","bm","bn","bo","bpy","br","bs","bug","bxr","ca","cbk-zam","cdo","ce","ceb","ch","chr","chy","ckb","co","cr","crh","cs","csb","cu","cv","cy","da","de","din","diq","dsb","dty","dv","dz","ee","el","eml","en","eo","es","et","eu","ext","fa","ff","fi","fiu-vro","fj","fo","fr","frp","frr","fur","fy","ga","gag","gan","gcr","gd","gl","glk","gn","gom","gor","got","gu","gv","ha","hak","haw","he","hi","hif","hr","hsb","ht","hu","hy","hyw","ia","id","ie","ig","ik","ilo","inh","io","is","it","iu","ja","jam","jbo","jv","ka","kaa","kab","kbd","kbp","kg","ki","kk","kl","km","kn","ko","koi","krc","ks","ksh","ku","kv","kw","ky","la","lad","lb","lbe","lez","lfn","lg","li","lij","lld","lmo","ln","lo","lt","ltg","lv","mad","mai","map-bms","mdf","mg","mhr","mi","min","mk","ml","mn","mnw","mr","mrj","ms","mt","mwl","my","myv","mzn","na","nah","nap","nds","nds-nl","ne","new","nia","nl","nn","no","nostalgia","nov","nqo","nrm","nso","nv","ny","oc","olo","om","or","os","pa","pag","pam","pap","pcd","pdc","pfl","pi","pih","pl","pms","pnb","pnt","ps","pt","qu","rm","rmy","rn","ro","roa-rup","roa-tara","ru","rue","rw","sa","sah","sat","sc","scn","sco","sd","se","sg","sh","shn","si","simple","sk","skr","sl","sm","smn","sn","so","sq","sr","srn","ss","st","stq","su","sv","sw","szl","szy","ta","tcy","te","tet","tg","th","ti","tk","tl","tn","to","tpi","tr","ts","tt","tum","tw","ty","tyv","udm","ug","uk","ur","uz","ve","vec","vep","vi","vls","vo","wa","war","wo","wuu","xal","xh","xmf","yi","yo","za","zea","zh","zh-classical","zh-min-nan","zh-yue","zu","zh-hans","zh-hant","zh-cn","zh-hk","zh-mo","zh-my","zh-sg","zh-tw"]
				`@ -0,0 +1 @@`
				["ab","ace","ady","af","ak","als","am","an","ang","ar","arc","ary","arz","as","ast","atj","av","avk","awa","ay","az","azb","ba","ban","bar","bat-smg","bcl","be","be-tarask","bg","bh","bi","bjn","bm","bn","bo","bpy","br","bs","bug","bxr","ca","cbk-zam","cdo","ce","ceb","ch","chr","chy","ckb","co","cr","crh","cs","csb","cu","cv","cy","da","de","din","diq","dsb","dty","dv","dz","ee","el","eml","en","eo","es","et","eu","ext","fa","ff","fi","fiu-vro","fj","fo","fr","frp","frr","fur","fy","ga","gag","gan","gcr","gd","gl","glk","gn","gom","gor","got","gu","gv","ha","hak","haw","he","hi","hif","hr","hsb","ht","hu","hy","hyw","ia","id","ie","ig","ik","ilo","inh","io","is","it","iu","ja","jam","jbo","jv","ka","kaa","kab","kbd","kbp","kg","ki","kk","kl","km","kn","ko","koi","krc","ks","ksh","ku","kv","kw","ky","la","lad","lb","lbe","lez","lfn","lg","li","lij","lld","lmo","ln","lo","lt","ltg","lv","mad","mai","map-bms","mdf","mg","mhr","mi","min","mk","ml","mn","mnw","mr","mrj","ms","mt","mwl","my","myv","mzn","na","nah","nap","nds","nds-nl","ne","new","nia","nl","nn","no","nostalgia","nov","nqo","nrm","nso","nv","ny","oc","olo","om","or","os","pa","pag","pam","pap","pcd","pdc","pfl","pi","pih","pl","pms","pnb","pnt","ps","pt","qu","rm","rmy","rn","ro","roa-rup","roa-tara","ru","rue","rw","sa","sah","sat","sc","scn","sco","sd","se","sg","sh","shn","si","simple","sk","skr","sl","sm","smn","sn","so","sq","sr","srn","ss","st","stq","su","sv","sw","szl","szy","ta","tcy","te","tet","tg","th","ti","tk","tl","tn","to","tpi","tr","ts","tt","tum","tw","ty","tyv","udm","ug","uk","ur","uz","ve","vec","vep","vi","vls","vo","wa","war","wo","wuu","xal","xh","xmf","yi","yo","za","zea","zh","zh-classical","zh-min-nan","zh-yue","zu","zh-hans","zh-hant","zh-cn","zh-hk","zh-mo","zh-my","zh-sg","zh-tw"]