[fix] limiter: prevent loading cached index html when redirected

The redirection to index lets client requests CSS token, if somehow they haven't been. We need to ensure the html isn't cached so the latest token can be retrieved.
author: bearz314 <wongchoonjie@gmail.com> 2025-02-11 00:48:27 +1100
committer: Markus Heiser <markus.heiser@darmarIT.de> 2025-02-20 07:55:45 +0100
commit: 0a3eb24a0b7fb80533a8c9808b176678a5717ef8 (patch)
tree: 040a1697f2191b1d0a9ab2c97f8ed2fc3d7af1e6 /searx/botdetection
parent: 16fafed6a2b768999245bf61a2c6dd5156cb7dc2 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/searx/botdetection/ip_limit.py b/searx/botdetection/ip_limit.py
index b4c6825b3..161a9826e 100644
--- a/searx/botdetection/ip_limit.py
+++ b/searx/botdetection/ip_limit.py
@@ -123,7 +123,9 @@ def filter_request(
         )
         if c > SUSPICIOUS_IP_MAX:
             logger.error("BLOCK: too many request from %s in SUSPICIOUS_IP_WINDOW (redirect to /)", network)
-            return flask.redirect(flask.url_for('index'), code=302)
+            response = flask.redirect(flask.url_for('index'), code=302)
+            response.headers["Cache-Control"] = "no-store, max-age=0"
+            return response
 
         c = incr_sliding_window(redis_client, 'ip_limit.BURST_WINDOW' + network.compressed, BURST_WINDOW)
         if c > BURST_MAX_SUSPICIOUS:
author	bearz314 <wongchoonjie@gmail.com>	2025-02-11 00:48:27 +1100
committer	Markus Heiser <markus.heiser@darmarIT.de>	2025-02-20 07:55:45 +0100
commit	0a3eb24a0b7fb80533a8c9808b176678a5717ef8 (patch)
tree	040a1697f2191b1d0a9ab2c97f8ed2fc3d7af1e6 /searx/botdetection
parent	16fafed6a2b768999245bf61a2c6dd5156cb7dc2 (diff)