[fix] limiter: prevent loading cached index html when redirected

The redirection to index lets client requests CSS token, if somehow they haven't been. We need to ensure the html isn't cached so the latest token can be retrieved.
2025-02-11 00:48:27 +11:00 · 2025-02-11 00:48:27 +11:00 · 67c3fa6930
commit 67c3fa6930
parent f78929dba6
1 changed files with 3 additions and 1 deletions
--- a/searx/botdetection/ip_limit.py
+++ b/searx/botdetection/ip_limit.py
@ -123,7 +123,9 @@ def filter_request(
        )
        if c > SUSPICIOUS_IP_MAX:
            logger.error("BLOCK: too many request from %s in SUSPICIOUS_IP_WINDOW (redirect to /)", network)
-            return flask.redirect(flask.url_for('index'), code=302)
+            response = flask.redirect(flask.url_for('index'), code=302)
+            response.headers["Cache-Control"] = "no-store, max-age=0"
+            return response

        c = incr_sliding_window(redis_client, 'ip_limit.BURST_WINDOW' + network.compressed, BURST_WINDOW)
        if c > BURST_MAX_SUSPICIOUS: