i dZddlmZmZddlZddlZddlZddlmZddl m Z de de fd Z d eezd ejd ejdej dzfd Zy)a& Method ``http_sec_fetch`` ------------------------- The ``http_sec_fetch`` method protect resources from web attacks with `Fetch Metadata`_. A request is filtered out in case of: - http header Sec-Fetch-Mode_ is invalid - http header Sec-Fetch-Dest_ is invalid .. _Fetch Metadata: https://developer.mozilla.org/en-US/docs/Glossary/Fetch_metadata_request_header .. _Sec-Fetch-Dest: https://developer.mozilla.org/en-US/docs/Web/API/Request/destination .. _Sec-Fetch-Mode: https://developer.mozilla.org/en-US/docs/Web/API/Request/mode ) IPv4Network IPv6NetworkN)config)logger user_agentreturnc|j}tjd|}|rt|j d}|dk\Stjd|}|rt|j d}|dk\Stjd|}|rGt|j d}t|j d}|dkDxs |dk(xr|d k\Sy ) alCheck if the browser supports Sec-Fetch headers. https://caniuse.com/mdn-http_headers_sec-fetch-dest https://caniuse.com/mdn-http_headers_sec-fetch-mode https://caniuse.com/mdn-http_headers_sec-fetch-site Supported browsers: - Chrome >= 80 - Firefox >= 90 - Safari >= 16.4 - Edge (mirrors Chrome) - Opera (mirrors Chrome) z chrome/(\d+)rPz firefox/(\d+)Zzversion/(\d+)\.(\d+)F)lowerresearchintgroup)r chrome_matchversion firefox_match safari_matchmajorminors 2/root/searxng/searx/botdetection/http_sec_fetch.pyis_browser_supportedr's!!#J99_j9Ll((+,"}II. ;Mm))!,-"}994jALL&&q)*L&&q)*rz9erk8eqj9 networkrequestcfgc|jstjdy|jj dd}t |r |jj dd}|dvr@tj d|tjtjdd S|jj d d}|d vr@tj d |tjtjdd |jj d d}|dvr@tj d|tjtjdd y)NzcSec-Fetch cannot be verified for non-secure requests (HTTP headers are not set/sent by the client).z User-AgentzSec-Fetch-Mode)navigatecorszinvalid Sec-Fetch-Mode '%s'indexi.)codezSec-Fetch-Site)z same-originz same-sitenonezinvalid Sec-Fetch-Site '%s'zSec-Fetch-Dest)documentemptyzinvalid Sec-Fetch-Dest '%s') is_securerwarningheadersgetrdebugflaskredirecturl_for)rrr rvals rfilter_requestr3Ms    q $$\26JJ'oo!!"2B7 * * LL6 <>>%--"8sC Coo!!"2B7 : : LL6 < NN5==1 <oo!!"2B7 + + LL6 < NN5==1 < r)__doc__ ipaddressrrrr/werkzeugr"r_helpersrstrboolrRequestConfigResponser3rrr>su0  #S#T#L ; & ]]  r