Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[BUG] Broken imgres link with non-empty base url #733

Closed
2 of 8 tasks
invis-z opened this issue Apr 25, 2022 · 0 comments · Fixed by #734
Closed
2 of 8 tasks

[BUG] Broken imgres link with non-empty base url #733

invis-z opened this issue Apr 25, 2022 · 0 comments · Fixed by #734
Labels
bug Something isn't working

Comments

@invis-z
Copy link
Contributor

invis-z commented Apr 25, 2022

Describe the bug
Broken imgres link with non-empty/non-root base url in the search result

To Reproduce
Steps to reproduce the behavior:

  1. set the url base (WHOOGLE_URL_PREFIX) to a non-empty value
  2. search something with image results in "all/web" section
  3. click the result without opening "view all"
  4. broken link

Deployment Method

  • Heroku (one-click deploy)
  • Docker
  • run executable
  • pip/pipx
  • Other: [describe setup]

Version of Whoogle Search

  • Latest build from [source] (i.e. GitHub, Docker Hub, pip, etc)
  • Version v0.7.1
  • Not sure

Desktop (please complete the following information):

  • OS: windows 10
  • Browser chrome
  • Version 100

Additional context
Should use href without starting /

@invis-z invis-z added the bug Something isn't working label Apr 25, 2022
@invis-z invis-z changed the title [BUG] <brief bug description> [BUG] Broken imgres link with non-empty base url Apr 25, 2022
benbusby pushed a commit that referenced this issue Apr 27, 2022
Removes the leading slash before imgres and other endpoints

Fix #733
TrueMysterious pushed a commit to TrueMysterious/whoogle-search that referenced this issue May 26, 2022
* Render error message w/o `safe` filter

The error message shown in the error template does not need to be
rendered using the safe filter, and furthermore opens up an XSS
vulnerability.

* Only create ip card if main result div is found

The ip address card that is created for searches like "my ip" only needs
to be created/inserted if a main result div id is found.

Fixes benbusby#735

* Remove unused `/url` endpoint

The `/url` endpoint was previously used as a way of mirroring the
`/url?q=<result domain>` formatting of locations in search results from
Google. Rather than have this unnecessary intermediary step, the result
path was extracted and used as the immediate path for each result item
instead.

This endpoint hasn't been in use for many versions and has been in need
of removal for quite some time.

* Bump version to 0.7.2

* Fix pipx dependencies (benbusby#738)

Missing cssutils

* Remove "/" before endpoints & tags (benbusby#734)

Removes the leading slash before imgres and other endpoints

Fix benbusby#733

* Add `WHOOGLE_URL_PREFIX` to app.json (benbusby#737)

* Update zh-tw translation (benbusby#736)

* Fix german translation error (benbusby#742)

"Nachrichten" is the correct translation of "News"

* Replace public instance url

s.alefvanoon.xyz -> s.tokhmi.xyz

Fixes benbusby#743

* Use `window` from Endpoint enum for anon view (benbusby#748)

Removes previously hardcoded "/window" from anon view links

* Update and add instances [skip ci] (benbusby#750)

Updates Garudalinux instance
Add dr460nf1r3.org instance

* Use `lax` for session `SameSite` value (not `strict`)

SESSION_COOKIE_SAMESITE must be set to 'lax' to allow the user's
previous session to persist when accessing the instance from an external
link. Setting this value to 'strict' causes Whoogle to revalidate a new
session, and fail, resulting in cookies being disabled.

This could be re-evaluated if Whoogle ever switches to client side
configuration instead.

Fixes benbusby#749

* Improve G page distinction between footer and results

Pages in the Whoogle footer that by default route to Google pages were
previously being removed, but caused results that also routed to similar
pages to no longer be accessible. This was due to the removal of the
'/url' endpoint that Google uses for each result.

To fix this, the result link is now parsed so that the domain of the
result can be checked against the disallowed G page list. Since results
are delivered in a "/url?q=<domain>" format -- even for pages to
Google's own products -- and the footer links are formatted as
"<product>.google.com", footer links are removed and result links are
parsed correctly.

Fixes benbusby#747

* Replace leading slash for image links (benbusby#762)

The leading slash was previously removed without noticing it was part of a
string replacement in benbusby#734. This caused the href of "View Image" contain a
leading "/" which is wrong.

* Remove duplicated handling of /url result links (benbusby#769)

It appears that result links beginning with '/url' were mistakenly
commited with an inefficient filtering process in its place. With the
way the code is structured, this less effective '/url' link filter took
precedence over the previous link filter, and also caused users with the
"open link in new tab" config enabled to no longer have access to that
feature.

Fixes benbusby#769

Co-authored-by: Ben Busby <contact@benbusby.com>
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
Co-authored-by: invis-z <22781620+invis-z@users.noreply.github.com>
Co-authored-by: xatier <xatierlike@gmail.com>
Co-authored-by: hoschi1337 <58056262+hoschi1337@users.noreply.github.com>
Co-authored-by: Nico <njcrypted@protonmail.com>
Co-authored-by: Joao A. Candido Ramos <joao.candido@etu.unige.ch>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

Successfully merging a pull request may close this issue.

1 participant