Ben Busby 3a2e0b262e

Validate urls in element and window endpoints ...

Domains were previously not validated before being handled, leading to a
potential scenario where someone could pass something like
"element_url=127.0.0.1:<port>/<resource>" to access other resources on a
machine running Whoogle. This change ensures that the resource used in
both endpoints is a valid domain.

This also includes validation of config names to prevent names from
including path values such as "../../(etc)".

2023-09-13 15:50:04 -06:00

..

models

Ensure b64 prefs always have min padding

2023-05-19 11:39:51 -06:00

static

Use filtered query for map tab

2023-09-08 16:44:04 -06:00

templates

Update handling of custom css (#965)

2023-04-13 14:19:36 -06:00

utils

Fix invalid calculator widget path (#1064)

2023-09-13 14:13:21 -06:00

__init__.py

Suppress spurious warnings from bs4

2023-03-22 12:29:05 -06:00

__main__.py

Swap out Flask's default web server for Waitress (#32)

2020-05-12 17:14:55 -06:00

filter.py

Fix: keep_blank_values = True to handle blank q input (#1052)

2023-08-21 14:53:10 -06:00

request.py

Change the consent cookies (#1054)

2023-08-21 14:50:38 -06:00

routes.py

Validate urls in element and window endpoints

2023-09-13 15:50:04 -06:00

version.py

Bump version to 0.8.3

2023-08-21 15:06:17 -06:00