From 8dacbbbb157359447a07ea4562ab6447dacb5f06 Mon Sep 17 00:00:00 2001
From: Ivan Gabaldon <igabaldon@inetol.net>
Date: Fri, 24 Oct 2025 11:28:07 +0200
Subject: [fix] client/simple: insecure ctx clipboard copy

Uses the deprecated [`execCommand()`](https://developer.mozilla.org/en-US/docs/Web/API/Document/execCommand)
to copy content to clipboard if accessing the instance through HTTP, this method
isn't going away soon.

Closes https://github.com/searxng/searxng/issues/5359
---
 client/simple/src/js/main/results.ts | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

(limited to 'client/simple/src/js/main/results.ts')

diff --git a/client/simple/src/js/main/results.ts b/client/simple/src/js/main/results.ts
index 8b2d8c9b6..42298f9f8 100644
--- a/client/simple/src/js/main/results.ts
+++ b/client/simple/src/js/main/results.ts
@@ -121,7 +121,19 @@ listen("click", "#copy_url", async function (this: HTMLElement) {
   const target = this.parentElement?.querySelector<HTMLPreElement>("pre");
   assertElement(target);
 
-  await navigator.clipboard.writeText(target.innerText);
+  if (window.isSecureContext) {
+    await navigator.clipboard.writeText(target.innerText);
+  } else {
+    const selection = window.getSelection();
+    if (selection) {
+      const range = document.createRange();
+      range.selectNodeContents(target);
+      selection.removeAllRanges();
+      selection.addRange(range);
+      document.execCommand("copy");
+    }
+  }
+
   const copiedText = this.dataset.copiedText;
   if (copiedText) {
     this.innerText = copiedText;
-- 
cgit v1.2.3