From b07884c95864a074b700d635c92a43f734cc8868 Mon Sep 17 00:00:00 2001
From: Markus Heiser <markus.heiser@darmarit.de>
Date: Sun, 14 Nov 2021 13:26:12 +0100
Subject: [PATCH 1/2] [fix] Optimize SVG for WEB usage / CSP 'style-src self'

- Replace grunt-contrib-htmlmin by grunt-image [1].

- Activate svgo's [2] convertStyleToAttrs to make the HTML inline SVGs
  compoliant to the CSP policy [3]::

    Content-Security-Policy: style-src self;

[1] https://www.npmjs.com/package/grunt-image
[2] https://github.com/svg/svgo
[3] https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/style-src

Closes: https://github.com/searxng/searxng/issues/502

Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
---
 searx/static/themes/simple/.eslintrc.json  |  3 ++-
 searx/static/themes/simple/gruntfile.js    | 14 +++++++-------
 searx/static/themes/simple/package.json    |  2 +-
 searx/static/themes/simple/svg4web.svgo.js | 19 +++++++++++++++++++
 4 files changed, 29 insertions(+), 9 deletions(-)
 create mode 100644 searx/static/themes/simple/svg4web.svgo.js

diff --git a/searx/static/themes/simple/.eslintrc.json b/searx/static/themes/simple/.eslintrc.json
index f6aed7584..069111bca 100644
--- a/searx/static/themes/simple/.eslintrc.json
+++ b/searx/static/themes/simple/.eslintrc.json
@@ -1,7 +1,8 @@
 {
     "env": {
         "browser": true,
-        "es2021": true
+        "es2021": true,
+        "node": true
     },
     "extends": "eslint:recommended",
     "parserOptions": {
diff --git a/searx/static/themes/simple/gruntfile.js b/searx/static/themes/simple/gruntfile.js
index f1ece95c5..f85f92a13 100644
--- a/searx/static/themes/simple/gruntfile.js
+++ b/searx/static/themes/simple/gruntfile.js
@@ -9,7 +9,7 @@ module.exports = function(grunt) {
     watch: {
       scripts: {
         files: ['gruntfile.js', 'src/**'],
-        tasks: ['eslint', 'copy', 'concat', 'svg2jinja', 'uglify', 'htmlmin', 'less:development', 'less:production']
+        tasks: ['eslint', 'copy', 'concat', 'svg2jinja', 'uglify', 'image', 'less:development', 'less:production']
       }
     },
     eslint: {
@@ -18,6 +18,7 @@ module.exports = function(grunt) {
         failOnError: false
       },
       target: [
+        'svg4web.svgo.js',
         'src/js/main/*.js',
         'src/js/head/*.js',
         '../__common__/js/*.js'
@@ -95,11 +96,10 @@ module.exports = function(grunt) {
         }
       }
     },
-    htmlmin: {
-      dist: {
+    image: {
+      svg4web: {
         options: {
-          removeComments: true,
-          collapseWhitespace: true
+          svgo: ['--config', 'svg4web.svgo.js']
         },
         files: {
           '../../../templates/__common__/searxng-wordmark.min.svg': 'src/svg/searxng-wordmark.svg'
@@ -221,7 +221,7 @@ module.exports = function(grunt) {
   grunt.loadNpmTasks('grunt-contrib-watch');
   grunt.loadNpmTasks('grunt-contrib-copy');
   grunt.loadNpmTasks('grunt-contrib-uglify');
-  grunt.loadNpmTasks('grunt-contrib-htmlmin');
+  grunt.loadNpmTasks('grunt-image');
   grunt.loadNpmTasks('grunt-contrib-jshint');
   grunt.loadNpmTasks('grunt-contrib-concat');
   grunt.loadNpmTasks('grunt-contrib-less');
@@ -238,7 +238,7 @@ module.exports = function(grunt) {
     'concat',
     'svg2jinja',
     'uglify',
-    'htmlmin',
+    'image',
     'less:development',
     'less:production'
   ]);
diff --git a/searx/static/themes/simple/package.json b/searx/static/themes/simple/package.json
index 3676672bd..1ca09536f 100644
--- a/searx/static/themes/simple/package.json
+++ b/searx/static/themes/simple/package.json
@@ -9,10 +9,10 @@
     "grunt-contrib-less": "~3.0.0",
     "grunt-contrib-uglify": "~5.0.1",
     "grunt-xmlmin": "~0.1.8",
-    "grunt-contrib-htmlmin": "~3.1.0",
     "grunt-contrib-watch": "~1.1.0",
     "grunt-eslint": "^23.0.0",
     "grunt-stylelint": "^0.16.0",
+    "grunt-image": "^6.4.0",
     "ionicons": "^5.5.4",
     "less": "^4.1.1",
     "less-plugin-clean-css": "^1.5.1",
diff --git a/searx/static/themes/simple/svg4web.svgo.js b/searx/static/themes/simple/svg4web.svgo.js
new file mode 100644
index 000000000..5b985adfe
--- /dev/null
+++ b/searx/static/themes/simple/svg4web.svgo.js
@@ -0,0 +1,19 @@
+/**
+ * @license
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ *
+ * svgo config: Optimize SVG for WEB usage
+ */
+
+module.exports = {
+  plugins: [
+    {
+      name: 'preset-default',
+    },
+    // make diff friendly
+    'sortAttrs',
+    // Optimize SVG for WEB usage
+    'convertStyleToAttrs',
+    'removeXMLNS'
+ ],
+};

From 3c05530518dcc4f64724c1173a90f17d07030a09 Mon Sep 17 00:00:00 2001
From: Markus Heiser <markus.heiser@darmarit.de>
Date: Mon, 15 Nov 2021 14:54:32 +0100
Subject: [PATCH 2/2] [build] /static

---
 .../themes/oscar/css/pointhi.min.css.map      | Bin 8074 -> 8074 bytes
 .../__common__/searxng-wordmark.min.svg       | Bin 1476 -> 711 bytes
 2 files changed, 0 insertions(+), 0 deletions(-)

diff --git a/searx/static/themes/oscar/css/pointhi.min.css.map b/searx/static/themes/oscar/css/pointhi.min.css.map
index 0767750d78685d388191c3e71a55d9e80f435027..fae77dc4bf7a28291f98956f200562ede8f40d18 100644
GIT binary patch
delta 66
zcmV-I0KNZ;KZ-w)cau#55s^a^v7oI1k#`o8JOT-`X96r43tCP}EN4PNLrE-GlaU$|
YldlT}leQaf0b#Qx95@33Lz7+~EZjg8bN~PV

delta 63
zcmV-F0Kor>KZ-w)caum07O{xH0g-nRldJ&=vu6S<84E*BN-SqWK|@I_SCf$%6O*qC
V1(UWLZUJJmB^)>d0b`S1A1tn76Z`-G

diff --git a/searx/templates/__common__/searxng-wordmark.min.svg b/searx/templates/__common__/searxng-wordmark.min.svg
index 688b6f5190c72078d5f5ddb12a91c70be2a0926a..45cc2c05bde2f4b37891a1aa40aa1d798de3f8a0 100644
GIT binary patch
literal 711
zcmb`FO>ToQ5QVQYnr@l}j*T&33A5<Fhp>nNs}Le%CGG7y1d^swcd2B_<C*85d7rEK
z+`+{kVsB8V<A~5Z-}UjfI(v6{n?4P4;Gk0)SXUjyV2^V<h0)+O9Bg#2NyeE@1tg+i
znJ9LoY<y@22MrxisHKR|d>K@dX)Y0hLCFzXKMV$s)6uPQGM#MWBMC`A$1r_3gD;XR
z-nO?yvOQYR{#BBUKDsb?nha+5?7_~x4Z+fB>kXUw;f{S>oowvkVDLRJm=X$P!L(3T
zlt5$YT|g=rR{|uHLN3{RK{6rBYq=<&YewB){Y)>xHSxw&l&sA1AF5I_os;tfM6!ZY
zWpO!88P|k^VzToAZkXaqHfO0+JA?<<Hf(n;3&lUl{jz<-Mn?SuwS8Atd-}okH)$=`
A-T(jq

literal 1476
zcmbtU+m4$s5d9U)`_ihx_`=OBuu@g6)Yo3rXV*9hTELO<ZZ?14F$+nmt}1mKMZzA>
z4Cl-_rn-9`dh}%6)Y-Adj8KfssBPPgyBdH0b{`cOO<s+y>g{N1JX(C$plW*BA*dXu
zveh--dw(e7`0(g@V%;uob!>Vwn9)x$BP_;CuD;}IXO!=rjJCsI$7wDbr<*m?wcB&s
z<MBw2V$NVv%9!$)^9VAc=`?!v99`7`uGi`~r8I`KrTyPiy0*rU3&gMH!eG~#<45~k
zV~Qw}9R3*XO}E?o8cRM57#+LT@0U$ewPrh^&@3!Cj+<&QUbV`rIl69A+*ClO{PO9(
zskAPCSoeTJK>f6j&>D_gU2d%#lyAC0?Mz_u0j6KUpx1+t<4*@OS2{D<N2fuqSCnb>
z(1pzStMB^$b7&Z_h5F9-rkT60%LNYv&k*AkcvJ0=cWRshwi?gNUU~B_N+^+>2`V-b
z%SpnrlxOep%(_=6;}~$#ozp$Qg>eRloq9mK1wiEpKD(W~vk#`c0o~xYY@>O;CFAQJ
zh#1#*@F<ft)~ac*oKvUkMv*-z4XjI$QJ;cB@B}6E^aa&H`Mt=Q2!pr)6M!sar-Dez
z(==a;7Iv4~LL{${2y`xQK64T@rQ7X_cj0vA_!drpIxs-swE<;0Nm)`PawBpgS;`Zn
z5GyvU0NYZ;5Qke18F{)9L@=Jv{I_F4n8+c%33++J3z$`Kad<<K!sZXL{()z@(taaN
zXSBaIowNSMaT(zv$*BaJIgpHzBFiMBsfj>U6e64xT1W|sgYbgnG!rS8mn$qJk(mI~
wp6@X$NRdDYOcMqW-YwZ>0B29#&c3}_bbWmqSFT=cT>R%K;vL*d_!2a~076jNga7~l