SearProxy
A SearX / SearXNG compatible web content sanitizer proxy, which is heavily inspired by Morty.
I've created this project since I wanted a stricter sanitation proxy which still allows some modern features such as: <video>
, <audio>
, <picture>
, and <source>
. To prevent leakage through unknown or unexpected resource links, this project also uses a Content Security Policy which allows only itself. Like Morty it also supports an HTTP or SOCKS5 proxy to tunnel the outgoing traffic. But unlike Morty it requires a HMAC secret to validate the given URL and does not allow direct URL opening.
This project currently has the following features:
- HTML sanitization (
<applet>
,<canvas>
,<embed>
) - Resource reference rewrite
- JavaScript blocking (
<script>
,on*="code"
) - No cookies, caching, or referrers
- HTML
<form>
withGET
orPOST
- HTML
<img>
async decoding and optionally "lazy" loading - HTML
<iframe>
,<video>
,<audio>
To use it for SearX or SearXNG define a result_proxy
section within the settings.yml
. Inside this section define a url
with the public base URL to this service and a key
which is the HMAC secret that's used to validate the given URL. This project can also be used as image proxy if server.image_proxy
is set to true
. (See SearX settings.yml, SearXNG settings.yml)
result_proxy:
url: https://proxy.example.com/
key: !!binary "hmac_secret"
server:
image_proxy: true
Alternatively, see the documentation for the SearX result proxy or SearXNG result proxy.
The source code for this project can be found on GitHub at friedemannsommer/searproxy.