I've created this project since I wanted a stricter sanitation proxy which still allows some modern features such as:
`<source>`. To prevent leakage through unknown or unexpected resource links, this project also uses a Content Security Policy which allows only itself. Like Morty, it also supports an HTTP or SOCKS5 proxy to tunnel the outgoing traffic. Unlike Morty, however, it requires an HMAC secret to validate the given URL and does not allow opening URLs directly.
This project currently has the following features:
- HTML sanitization (
- Resource reference rewrite
- No cookies, caching, or referrers
- `<img>` async decoding and optionally "lazy" loading
To use it for SearX or SearXNG, define a `result_proxy` section within the `settings.yml`. Inside this section, define a `url` with the public base URL of this service and a `key`, which is the HMAC secret that's used to validate the given URL. This project can also be used as an image proxy if `server.image_proxy` is set to `true`. (See SearX settings.yml, SearXNG settings.yml)
```yaml
result_proxy:
  url: https://proxy.example.com/
  key: !!binary "hmac_secret"
server:
  image_proxy: true
```
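What the HMAC check on a proxied URL amounts to, shown as an added example that is not code from this project: the search engine signs each target URL with the shared key, and the proxy refuses any request whose MAC does not match. The HMAC-SHA256 hex digest and the `mortyurl`/`mortyhash` query parameters follow the Morty convention used by SearX and are assumptions here, as are the key value and the function names.

```python
import hashlib
import hmac
from urllib.parse import parse_qs, urlencode, urlsplit

# Constructed sample values. In settings.yml the key is tagged !!binary,
# so it reaches the code as raw bytes rather than text.
KEY = b"constructed-demo-secret"
PROXY_BASE = "https://proxy.example.com/"


def sign_url(target, key=KEY):
    """Search engine side: build a proxy link carrying the target and its MAC."""
    digest = hmac.new(key, target.encode(), hashlib.sha256).hexdigest()
    # Parameter names are an assumption (Morty convention), not from this page.
    return PROXY_BASE + "?" + urlencode({"mortyurl": target, "mortyhash": digest})


def verify_request(proxy_link, key=KEY):
    """Proxy side: return the target URL if the MAC checks out, else None."""
    params = parse_qs(urlsplit(proxy_link).query)
    targets = params.get("mortyurl", [])
    digests = params.get("mortyhash", [])
    # Require exactly one of each: duplicated parameters could make the
    # signer and the verifier disagree about which value was signed.
    if len(targets) != 1 or len(digests) != 1:
        return None
    target, digest = targets[0], digests[0]
    expected = hmac.new(key, target.encode(), hashlib.sha256).hexdigest()
    # Constant-time comparison so response timing does not leak the MAC.
    if not hmac.compare_digest(expected.encode(), digest.encode()):
        return None
    # Even a correctly signed URL is only accepted for http(s) targets.
    if urlsplit(target).scheme not in ("http", "https"):
        return None
    return target
```

Because the MAC covers the whole target URL, a link copied from a result page cannot be edited to point the proxy at a different host, which is what keeps the service from acting as an open proxy.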
The source code for this project can be found on GitHub at friedemannsommer/searproxy.