ngn/4get
1
0
Fork 0
Code Issues Pull Requests Actions Packages Activity

get rid of the api all together
All checks were successful
Build and publish the docker image / build (push) Successful in 10s
Details

Browse Source 
Signed-off-by: ngn <ngn@ngn.tf>
This commit is contained in:
ngn 2025-01-19 07:15:56 +03:00
parent ce81a54de1
commit 9868c6c7a5
Signed by: ngn
GPG Key ID: A3654DF5AD9F641D
12 changed files with 205 additions and 861 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/ami4get.php
View File

@ -18,10 +18,10 @@ echo json_encode(
"bot_protection" => config::BOT_PROTECTION,
"real_requests" => $real_requests === false ? 0 : $real_requests,
"bot_requests" => $bot_requests === false ? 0 : $bot_requests,
"api_enabled" => config::API_ENABLED,
"api_enabled" => false,
"alt_addresses" => config::ALT_ADDRESSES,
"version" => config::VERSION
],
"instances" => config::INSTANCES
"instances" => []
]
);

10
src/api/index.php
View File

@ -1,10 +0,0 @@
<?php
header("Content-Type: application/json");
http_response_code(404);
echo json_encode(
[
"status" => "Unknown endpoint"
]
);

243
src/api/v1/ac.php
View File

@ -1,243 +0,0 @@
<?php
include "../../data/config.php";
new autocomplete();
class autocomplete{
public function __construct(){
header("Content-Type: application/json");
$this->scrapers = [
"brave" => "https://search.brave.com/api/suggest?q={searchTerms}",
"ddg" => "https://duckduckgo.com/ac/?q={searchTerms}&type=list",
"yandex" => "https://suggest.yandex.com/suggest-ff.cgi?part={searchTerms}&uil=en&v=3&sn=5&lr=21276&yu=4861394161661655015",
"google" => "https://www.google.com/complete/search?client=mobile-gws-lite&q={searchTerms}",
"qwant" => "https://api.qwant.com/v3/suggest/?q={searchTerms}&client=opensearch",
"yep" => "https://api.yep.com/ac/?query={searchTerms}",
"marginalia" => "https://search.marginalia.nu/suggest/?partial={searchTerms}",
"yt" => "https://suggestqueries-clients6.youtube.com/complete/search?client=youtube&q={searchTerms}",
"sc" => "",
"startpage" => "https://www.startpage.com/suggestions?q={searchTerms}&format=opensearch&segment=startpage.defaultffx&lui=english",
"kagi" => "https://kagi.com/api/autosuggest?q={searchTerms}",
"ghostery" => "https://ghosterysearch.com/suggest?q={searchTerms}"
];
/*
Sanitize input
*/
if(!isset($_GET["s"])){
$this->do404("Missing search(s) parameter");
}
if(is_string($_GET["s"]) === false){
$this->do404("Invalid search(s) parameter");
}
if(strlen($_GET["s"]) > 500){
$this->do404("Search(s) exceeds the 500 char length");
}
/*
Get $scraper
*/
if(!isset($_GET["scraper"])){
if(isset($_COOKIE["scraper_ac"])){
$scraper = $_COOKIE["scraper_ac"];
}else{
$scraper = "brave"; // default option
}
}else{
$scraper = $_GET["scraper"];
}
if($scraper == "disabled"){
// this shouldnt happen, but let's handle it anyways
$this->doempty();
}
// make sure it exists
if(!isset($this->scrapers[$scraper])){
$scraper = "brave"; // default option
}
// return results
switch($scraper){
case "google":
case "yt":
// handle google cause they want to be a special snowflake :(
$js = $this->get($this->scrapers[$scraper], $_GET["s"]);
preg_match(
'/\((\[.*\])\)/',
$js,
$js
);
if(!isset($js[1])){
$this->doempty();
}
$js = json_decode($js[1]);
$json = [];
foreach($js[1] as $item){
$json[] = htmlspecialchars_decode(strip_tags($item[0]));
}
echo json_encode(
[
$_GET["s"],
$json
],
JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES | JSON_INVALID_UTF8_IGNORE
);
break;
case "sc":
// soundcloud
chdir("../../");
include "scraper/sc.php";
$sc = new sc();
$token = $sc->get_token("raw_ip::::");
$js = $this->get(
"https://api-v2.soundcloud.com/search/queries?q={searchTerms}&client_id=" . $token . "&limit=10&offset=0&linked_partitioning=1&app_version=1693487844&app_locale=en",
$_GET["s"]
);
$js = json_decode($js, true);
if(!isset($js["collection"])){
$this->doempty();
}
$json = [];
foreach($js["collection"] as $item){
$json[] = $item["query"];
}
echo json_encode(
[
$_GET["s"],
$json
],
JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES | JSON_INVALID_UTF8_IGNORE
);
break;
case "marginalia":
$json = $this->get($this->scrapers[$scraper], $_GET["s"]);
$json = json_decode($json, true);
if($json === null){
$this->doempty();
}
echo json_encode(
[
$_GET["s"],
$json
],
JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES | JSON_INVALID_UTF8_IGNORE
);
break;
default:
// if it respects the openSearch protocol
$json = json_decode($this->get($this->scrapers[$scraper], $_GET["s"]), true);
echo json_encode(
[
$_GET["s"],
$json[1] // ensure it contains valid key 0
],
JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES | JSON_INVALID_UTF8_IGNORE
);
break;
}
}
private function get($url, $query){
try{
$curlproc = curl_init();
$url = str_replace("{searchTerms}", urlencode($query), $url);
curl_setopt($curlproc, CURLOPT_URL, $url);
curl_setopt($curlproc, CURLOPT_ENCODING, ""); // default encoding
curl_setopt($curlproc, CURLOPT_HTTPHEADER,
["User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/116.0",
"Accept: application/json, text/javascript, */*; q=0.01",
"Accept-Language: en-US,en;q=0.5",
"Accept-Encoding: gzip",
"DNT: 1",
"Connection: keep-alive",
"Sec-Fetch-Dest: empty",
"Sec-Fetch-Mode: cors",
"Sec-Fetch-Site: same-site"]
);
curl_setopt($curlproc, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curlproc, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($curlproc, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($curlproc, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($curlproc, CURLOPT_TIMEOUT, 30);
$data = curl_exec($curlproc);
if(curl_errno($curlproc)){
throw new Exception(curl_error($curlproc));
}
curl_close($curlproc);
return $data;
}catch(Exception $error){
do404("Curl error: " . $error->getMessage());
}
}
private function do404($error){
echo json_encode(
["error" => $error],
JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES | JSON_INVALID_UTF8_IGNORE
);
die();
}
private function doempty(){
echo json_encode(
[
$_GET["s"],
[]
],
JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES | JSON_INVALID_UTF8_IGNORE
);
die();
}
}

10
src/api/v1/index.php
View File

@ -1,10 +0,0 @@
<?php
header("Content-Type: application/json");
http_response_code(404);
echo json_encode(
[
"status" => "Unknown endpoint"
]
);

42
src/data/config.php
View File

@ -3,34 +3,34 @@ class config{
// Welcome to the 4get configuration file
// When updating your instance, please make sure this file isn't missing
// any parameters.
// 4get version. Please keep this updated
const VERSION = 8;
// Will be shown pretty much everywhere.
const SERVER_NAME = "4get";
// Will be shown in <meta> tag on home page
const SERVER_SHORT_DESCRIPTION = "4get is a proxy search engine that doesn't suck.";
// Will be shown in server list ping (null for no description)
const SERVER_LONG_DESCRIPTION = null;
// Add your own themes in "static/themes". Set to "Dark" for default theme.
// Eg. To use "static/themes/Cream.css", specify "Cream".
const DEFAULT_THEME = "Dark";
const DEFAULT_THEME = "black";
// Enable the API?
const API_ENABLED = true;
//
// BOT PROTECTION
//
// 0 = disabled, 1 = ask for image captcha, @TODO: 2 = invite only (users needs a pass)
// VERY useful against a targetted attack
const BOT_PROTECTION = 0;
// if BOT_PROTECTION is set to 1, specify the available datasets here
// images should be named from 1.png to X.png, and be 100x100 in size
// Eg. data/captcha/birds/1.png up to 2263.png
@ -40,11 +40,11 @@ class config{
//["fumo_plushies", 1006],
//["minecraft", 848]
];
// If this regex expression matches on the user agent, it blocks the request
// Not useful at all against a targetted attack
const HEADER_REGEX = '/bot|wget|curl|python-requests|scrapy|go-http-client|ruby|yahoo|spider|qwant/i';
// Block clients who present any of the following headers in their request (SPECIFY IN !!lowercase!!)
// Eg: ["x-forwarded-for", "x-via", "forwarded-for", "via"];
// Useful for blocking *some* proxies used for botting
@ -62,7 +62,7 @@ class config{
//"remote-addr",
//"via"
];
// Block SSL ciphers used by CLI tools used for botting
// Basically a primitive version of Cloudflare's browser integrity check
// ** If curl can still access the site (with spoofed headers), please make sure you use the new apache2 config **
@ -70,12 +70,12 @@ class config{
const DISALLOWED_SSL = [
// "TLS_AES_256_GCM_SHA384" // used by WGET and CURL
];
// Maximal number of searches per captcha key/pass issued. Counter gets
// reset on every APCU cache clear (should happen once a day).
// Only useful when BOT_PROTECTION is NOT set to 0
const MAX_SEARCHES = 100;
// List of domains that point to your servers. Include your tor/i2p
// addresses here! Must be a valid URL. Won't affect links placed on
// the homepage.
@ -83,7 +83,7 @@ class config{
//"https://4get.alt-tld",
//"http://4getwebfrq5zr4sxugk6htxvawqehxtdgjrbcn2oslllcol2vepa23yd.onion"
];
// Known 4get instances. MUST use the https protocol if your instance uses
// it. Is used to generate a distributed list of instances.
// To appear in the list of an instance, contact the host and if everyone added
@ -116,11 +116,11 @@ class config{
"https://4get.sudovanilla.org",
"https://search.mint.lgbt"
];
// Default user agent to use for scraper requests. Sometimes ignored to get specific webpages
// Changing this might break things.
const USER_AGENT = "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0";
// Proxy pool assignments for each scraper
// false = Use server's raw IP
// string = will load a proxy list from data/proxies
@ -155,14 +155,14 @@ class config{
const PROXY_YANDEX_W = false; // yandex web
const PROXY_YANDEX_I = false; // yandex images
const PROXY_YANDEX_V = false; // yandex videos
//
// Scraper-specific parameters
//
// GOOGLE CSE
const GOOGLE_CX_ENDPOINT = "d4e68b99b876541f0";
// MARGINALIA
// Use "null" to default out to HTML scraping OR specify a string to
// use the API (Eg: "public"). API has less filters.

13
src/opensearch.php
View File

@ -15,10 +15,10 @@ if(
$domain
)
){
$onion = true;
}else{
$onion = false;
}
@ -30,13 +30,4 @@ echo
'<Image width="16" height="16">' . $domain . '/favicon.ico</Image>' .
'<Url type="text/html" method="GET" template="' . $domain . '/web?s={searchTerms}"/>';
if(
isset($_GET["ac"]) &&
is_string($_GET["ac"]) &&
$_GET["ac"] != "disabled"
){
echo '<Url rel="suggestions" type="application/x-suggestions+json" template="' . $domain . '/api/v1/ac?s={searchTerms}&amp;scraper=' . htmlspecialchars($_GET["ac"]) . '"/>';
}
echo '</OpenSearchDescription>';

576
src/static/client.js
View File

File diff suppressed because it is too large Load Diff

20
src/static/themes/black.css Normal file
View File

@ -0,0 +1,20 @@
:root{
/* background */
--1d2021: #000;
--282828: #080808;
--3c3836: #27273c;
--504945: #989898;
/* font */
--928374: #fcfcfc;
--a89984: #d9d9d9;
--bdae93: #ffffff;
--8ec07c: #2fce00;
--ebdbb2: #64d142;
/* code highlighter */
--comment: #a0c0a4;
--default: #f00;
--keyword: #9376e4;
--string: #ecd78f;
}

77
src/template/about.html
View File

@ -1,77 +0,0 @@
<a href="/" class="link">&lt; Go back</a>
<h1>Set as default search engine</h1>
<a href="#firefox"><h2 id="firefox">On Firefox and other Gecko based browsers</h2></a>
To set this as your default search engine on Firefox, right click the URL bar and select <div class="code-inline">Add "4get"</div>. Then, visit <a href="about:preferences#search" target="_BLANK" class="link">about:preferences#search</a> and select <div class="code-inline">4get</div> in the dropdown menu.
<a href="#chrome"><h2 id="chrome">On Chromium and Blink based browsers</h2></a>
Click the 3 superpositioned dots at the top right of the screen and click on <div class="code-inline">Settings</div>, then search for <div class="code-inline">default search engine</div>, or visit <a href="chrome://settings/searchEngines">chrome://settings/searchEngines</a>.<br><br>
Once you're there, click the pencil on the last entry under "Search engines" (it's probably DuckDuckGo). Once you do that, a popup will appear. Populate it with the following information:
<table>
<tr>
<td><b>Field</b></td>
<td><b>Value</b></td>
</tr>
<tr>
<td>Search engine</td>
<td>{%server_name%}</td>
</tr>
<tr>
<td>Shortcut</td>
<td>{%server_name%}</td>
</tr>
<tr>
<td>URL with %s in place of query</td>
<td>https://4get.ca/web?s=%s</td>
</tr>
</table>
Once that's done, click <div class="code-inline">Save</div>. Then, on the right handside of the newly created entry, open the dropdown menu and select <div class="code-inline">Make default</div>.
<h1>Frequently asked questions</h1>
<a href="#what-is-this"><h2 id="what-is-this">What is this?</h2></a>
This is a metasearch engine that gets results from other engines, and strips away all of the tracking parameters and Microsoft/globohomo bullshit they add. Most of the other alternatives to Google jack themselves off about being ""privacy respecting"" or whatever the fuck but it always turns out to be a total lie, and I just got fed up with their shit honestly. Alternatives like Searx or YaCy all fucking sucks so I made my own thing.
<a href="#goal"><h2 id="goal">My goal</h2></a>
Provide users with a privacy oriented, extremely lightweight, ad free, free as in freedom (and free beer!) way to search for documents around the internet, with minimal, optional javascript code. My long term goal would be to build my own index (that doesn't suck) and provide users with an unbiased search engine, with no political inclinations.
<a href="#logs"><h2 id="logs">Do you keep logs?</h2></a>
I store data temporarly to get the next page of results. This might include search queries, filters and tokens. These parameters are encrypted using <div class="code-inline">libsodium</div> on the serber, for which I give you a decryption key (also known internally as <div class="code-inline">npt</div> token). When you make a request to get the next page, you supply the token, the data is decrypted and the request is fulfilled. This encrypted data is deleted after 15 minutes, or after it's used, whichever comes first.<br><br>
I <b>don't</b> log IP addresses, user agents, or anything else. The <div class="code-inline">npt</div> tokens are the only thing that are stored (in RAM, mind you), temporarly, encrypted.
<a href="#information-sharing"><h2 id="information-sharing">Do you share information with third parties?</h2></a>
Your search queries and supplied filters are shared with the scraper you chose (so I can get the search results, duh). I don't share anything else (that means I don't share your IP address, location, or anything of this kind). There is no way that site can know you're the one searching for something, <u>unless you send out a search query that de-anonymises you.</u> For example, a search query like "hello my full legal name is jonathan gallindo and i want pictures of cloacas" would definitively blow your cover. 4get doesn't contain ads or any third party javascript applets or trackers. I don't profile you, and quite frankly, I don't give a shit about what you search on there.<br><br>
TL;DR assume those websites can see what you search for, but can't see who you are (unless you're really dumb).
<a href="#hosting"><h2 id="hosting">Where is this website hosted?</h2></a>
Please head over to the <a href="/instances">4get instances</a> page, select an instance and click on "IP lookup".
<a href="#keyboard-shortcuts"><h2 id="keyboard-shortcuts">Keyboard shortcuts?</h2></a>
Use <div class="code-inline">/</div> to focus the search box.<br><br>
When the image viewer is open, you can use the following keybinds:<br>
<div class="code-inline">Up</div>, <div class="code-inline">Down</div>, <div class="code-inline">Left</div>, <div class="code-inline">Right</div> to rotate the image.<br>
<div class="code-inline">CTRL+Up</div>, <div class="code-inline">CTRL+Down</div>, <div class="code-inline">CTRL+Left</div>, <div class="code-inline">CTRL+Right</div> to mirror the image.<br>
<div class="code-inline">Escape</div> to exit the image viewer.
<a href="#schizo"><h2 id="schizo">How can I trust you?</h2></a>
You just sort of have to take my word for it right now. If you'd rather trust yourself instead of me (I believe in you!!), all of the code on this website is available trough my <a href="https://git.lolcat.ca/lolcat" class="link">git page</a> for you to host on your own machines. Just a reminder: if you're the sole user of your instance, it doesn't take immense brain power for Microshit to figure out you basically just switched IP addresses. Invite your friends to use your instance!
<a href="#donate"><h2 id="donate">Support the project</h2></a>
Donate to me trough ko-fi: <a href="https://ko-fi.com/lolcat" target="BLANK" rel="noreferrer">ko-fi.com/lolcat</a><br>
Please donate I sent myself a donation for testing if it works and it looks fucking dumb. Reasons to donate are listed on there. Thank you!
<a href="#contact"><h2 id="contact">I want to report abuse or have erotic roleplay trough email</h2></a>
I don't know about that second part but if you want to talk to me, just drop me an email...<br><br>
<b>Message to all DMCA enforcers:</b> I don't host any of the content. Everything you see here is <u>proxied</u> trough my shitbox with no moderation. Please reach out to the people hosting the infringing content instead.<br><br>
<a href="https://lolcat.ca" rel="dofollow" class="link">Click here to contact me!</a><br><br>
<a href="https://validator.w3.org/nu/?doc=https%3A%2F%2F4get.ca" title="W3 Valid!">
<img src="/static/icon/w3html.png" alt="Valid W3C HTML 4.01" width="88" height="31">
</a>

20
src/template/donate.html
View File

@ -1,20 +0,0 @@
<a href="/" class="link">&lt; Go back</a>
<h1>Donate to the project</h1>
This project takes up most of my free time and costs money to run. If you feel like this project is worthy of a donation, please do so using the resources on this page!<br><br>
To run smoothly, 4get requires 20$/month for the server fees and 15-25$ for residential proxies. I also have plans to build my own index to provide better search results; funds raised here will go directly towards better hardware for these purposes. According to the number of captchas solved, <a href="https://4get.ca">4get.ca</a> serves between 800-1400 users every day, or around 7000-10000 searches!
<h2>Ko-fi</h2>
This is the most convenient way to donate. Supports PayPal.
<ul>
<li><a href="https://ko-fi.com/lolcat">ko-fi.com/lolcat</a></li>
</ul>
<h2>Monero</h2>
Due to popular demand, I have added an XMR addy. I'm planning to reward users who donate to me once paid tiers are introduced to 4get, so please let me know through email that you donated to me (don't forget your transaction ID)!
<ul>
<li><a href="monero:85G95fXXfuh72oQd9LmdMHNqDTqsUPKkLCBEYE7XnnMLPvBfkdnan2FVTmVAwT4JEuXsRL7xPgqzuV2YdbFkWmxK2FgGBmB?tx_description=4get+donation">85G95fXXfuh72oQd9LmdMHNqDTqsUPKkLCBEYE7XnnMLPvBfkdnan2FVTmVAwT4JEuXsRL7xPgqzuV2YdbFkWmxK2FgGBmB</a></li>
</ul>
Thank you all for your generous support!!

14
src/template/home.html
View File

@ -29,20 +29,12 @@
</div>
</form>
<a href="settings">Settings</a>
<span> | </span>
<a href="https://git.lolcat.ca/lolcat/4get_news">News</a>
<span> | </span>
<a href="https://git.lolcat.ca/lolcat/4get">Source</a>
<span> | </span>
<a href="https://git.ngn.tf/ngn/4get">Modified Source</a>
<div class="subtext">
<a href="https://4.ngn.tf">Clearnet</a>
<a href="http://4ngnt3r7ktzk2mdpxk2gnodnfnaggh55keswpx76zmsrxaabspw5riad.onion">TOR</a>
<a href="https://git.ngn.tf/ngn/4get/issues">Report a problem</a>
<br>
</div>
</div>
<script src="/static/client.js?v{%version%}"></script>
</body>

37
src/template/instances.html
View File

@ -1,37 +0,0 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html;charset=utf-8">
<title>Instance browser</title>
<link title="{%server_name%}" href="/opensearch{%ac%}" rel="search" type="application/opensearchdescription+xml">
<link rel="stylesheet" href="/static/style.css?v{%version%}">
{%style%}
<meta name="viewport" content="width=device-width,initial-scale=1">
<meta name="robots" content="index,follow">
<link rel="icon" type="image/x-icon" href="/favicon.ico">
<meta name="description" content="{%server_name%}: Instances">
</head>
<body class="instances">
<h1>Instance browser</h1>
Learn how to setup your own instance here! <a href="https://git.lolcat.ca/lolcat/4get" target="_BLANK">https://git.lolcat.ca/lolcat/4get</a>
<noscript>
<div class="quote">For a better experience, whitelist javascript usage on this page.</div>
<table>
<thead>
<tr>
<th class="expand">Server</th>
</tr>
</thead>
<tbody>
{%instances_html%}
</tbody>
</table>
</noscript>
<a href="../" class="go-back">&lt; Go back</a>
<div id="popup-bg"></div>
<div class="popup-wrapper">
<div class="popup"></div>
</div>
<script src="static/serverping.js?v{%version%}"></script>
</body>
</html>