From 92463ce6a7aacd366292a383373bebc32988b9c3 Mon Sep 17 00:00:00 2001
From: Markus Heiser <markus.heiser@darmarit.de>
Date: Fri, 28 Jun 2024 14:47:22 +0200
Subject: [doc] adds the missing documentation of the `server.method` settings.

TL;DR; For all the issues that comes with HTTP POST I recommend instance
maintainers to switch to GET and lock the property in the preferences:

```yaml
server:
  method: GET

preferences:
  lock:
    - method
```

We don't want this in the defaults of the SearXNG distributions for the pros vs
cons listed in this discussion:

- https://github.com/searxng/searxng/pull/3619
---
 searx/settings.yml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'searx/settings.yml')

diff --git a/searx/settings.yml b/searx/settings.yml
index ca5e27df7..7d95e3d16 100644
--- a/searx/settings.yml
+++ b/searx/settings.yml
@@ -100,8 +100,9 @@ server:
   image_proxy: false
   # 1.0 and 1.1 are supported
   http_protocol_version: "1.0"
-  # POST queries are more secure as they don't show up in history but may cause
-  # problems when using Firefox containers.
+  # POST queries are "more secure!" but are also the source of hard-to-locate
+  # annoyances, which is why GET may be better for end users and their browsers.
+  # see https://github.com/searxng/searxng/pull/3619
   # Is overwritten by ${SEARXNG_METHOD}
   method: "POST"
   default_http_headers:
-- 
cgit v1.2.3