Add feature to disable search encryption

Author: CoinK0in

README.md

@@ -32,7 +32,7 @@ Install the package from source with pip:
 ```bash
 cd mkdocs-encryptcontent-plugin/
 python3 setup.py sdist bdist_wheel
-pip3 install dist/mkdocs_encryptcontent_plugin-1.0.0-py3-none-any.whl
+pip3 install dist/mkdocs_encryptcontent_plugin-1.1.0-py3-none-any.whl
 ```
 
 Enable the plugin in your `mkdocs.yml`:
@@ -282,16 +282,39 @@ Your configuration like this :
 ```
 
 
+### Do not encrypt search index
+
+Related to [issue #13](https://github.com/CoinK0in/mkdocs-encryptcontent-plugin/issues/13)
+
+> :warning: **This feature is NOT SECURE and CAUSE DATA LEAK**
+>
+> The unencrypted content of each page is accessible through the search index.
+> Not encrypting the search index means completely removing the protection provided by this plugin.
+> You have been warned 
+
+You can set `decrypt_search: True` in your `mkdocs.yml` to disable the search index encryption process.
+
+```yaml
+plugins:
+    - encryptcontent:
+        decrypt_search: True
+```
+
+It becomes possible again to make searches on all the pages, even if the content of the page is encrypted. 
+
+If you still want to protect some pages, even though the search index is not encrypted, you can use [mkdocs-exclude-search](https://github.com/chrieke/mkdocs-exclude-search) to exclude parts or complete articles from the search index.
+
+
 ## Contributing
 
 From reporting a bug to submitting a pull request: every contribution is appreciated and welcome.
+
 Report bugs, ask questions and request features using [Github issues][github-issues].
+
 If you want to contribute to the code of this project, please read the [Contribution Guidelines][contributing].
 
-[mkdocs-plugins]: http://www.mkdocs.org/user-guide/plugins/
+[mkdocs-plugins]: https://www.mkdocs.org/dev-guide/plugins/
 [github-issues]: https://github.com/CoinK0in/mkdocs-encryptcontent-plugin/issues
 [contributing]: CONTRIBUTING.md
 
-### Contributors
-
-- [anthonyeden](https://github.com/anthonyeden)
+### [Contributors](https://github.com/CoinK0in/mkdocs-encryptcontent-plugin/graphs/contributors)

encryptcontent/decrypt-form.tpl.html

@@ -138,7 +138,9 @@ <h1>{{ summary }}</h1>
                     decrypted_content.innerHTML = content;
                     encrypted_content.parentNode.removeChild(encrypted_content);
                     // any post processing on the decrypted content should be done here
-                    {% if arithmatex %}MathJax.typesetPromise(){% endif %}
+                    {% if arithmatex %}
+                    MathJax.typesetPromise()
+                    {% endif %}
                     {% if hljs %}
                     document.getElementById("mkdocs-decrypted-content").querySelectorAll('pre code').forEach((block) => {
                         hljs.highlightBlock(block);

encryptcontent/plugin.py

@@ -4,6 +4,7 @@
 import mkdocs
 import base64
 import hashlib
+import logging
 from Crypto import Random
 from jinja2 import Template
 from Crypto.Cipher import AES
@@ -39,6 +40,7 @@
     'encryption_info_message': 'Contact your administrator for access to this page.'
 }
 
+logger = logging.getLogger("mkdocs.plugins.encryptcontent")
 
 class encryptContentPlugin(BasePlugin):
     """ Plugin that encrypt markdown content with AES and inject decrypt form. """
@@ -59,6 +61,7 @@ class encryptContentPlugin(BasePlugin):
         ('password_button', mkdocs.config.config_options.Type(bool, default=False)),
         ('password_button_text', mkdocs.config.config_options.Type(string_types, default=str(settings['password_button_text']))),
         ('encrypted_something', mkdocs.config.config_options.Type(dict, default={})),
+        ('decrypt_search', mkdocs.config.config_options.Type(bool, default=False)),
     )
 
     def __hash_md5__(self, text):
@@ -178,6 +181,11 @@ def on_pre_build(self, config):
         if 'encrypted_something' in plugin_config.keys():
             encrypted_something = self.config.get('encrypted_something')
             setattr(self, 'encrypted_something', encrypted_something)
+        # Check if decrypt_search is enable: generate search_index.json on clear text (Data leak)
+        setattr(self, 'decrypt_search', False)
+        if 'decrypt_search' in plugin_config.keys():
+            decrypt_search = self.config.get('decrypt_search')
+            setattr(self, 'decrypt_search', decrypt_search)            
 
     def on_page_markdown(self, markdown, page, config, **kwargs):
         """
@@ -226,27 +234,50 @@ def on_page_content(self, html, page, config, **kwargs):
             if self.tag_encrypted_page:
                 # Set attribute on page to identify encrypted page on template rendering
                 setattr(page, 'encrypted', True)
+            if self.decrypt_search:
+                # Keep encrypted html as temporary variable on page ... :(
+                setattr(page, 'html_encrypted', self.__encrypt_content__(html))
+            else:
+                # Overwrite html with encrypted html, cause search it's encrypted too
+                # Process encryption here, speed up mkdocs-search bultin plugin
+                html = self.__encrypt_content__(html)
             if self.encrypted_something:
                 # Set attributes on page to retrieve password on POST context
                 setattr(page, 'password', self.password)
-            html = self.__encrypt_content__(html)
         return html
 
+    def on_page_context(self, context, page, config, **kwargs):
+        """
+        The page_context event is called after the context for a page is created and 
+        can be used to alter the context for that specific page only.
+
+        :param context: dict of template context variables
+        :param page: mkdocs.nav.Page instance
+        :param config: global configuration object
+        :param nav: global navigation object
+        :return: dict of template context variables
+        """
+        if self.decrypt_search and page.content and hasattr(page, 'html_encrypted'):
+            page.content = page.html_encrypted
+            delattr(page, 'html_encrypted')
+        return context
+
     def on_post_page(self, output_content, page, config, **kwargs):
         """
         The post_page event is called after the template is rendered,
         but before it is written to disc and can be used to alter the output of the page.
         If an empty string is returned, the page is skipped and nothing is written to disc.
+
         :param output_content: output of rendered template as string
         :param page: mkdocs.nav.Page instance
-        :param config:  global configuration object
+        :param config: global configuration object
         :return: output of rendered template as string
         """
         # Limit this process only if encrypted_something feature is enable *(speedup)*
         if self.encrypted_something and hasattr(page, 'encrypted') and len(self.encrypted_something) > 0:
             soup = BeautifulSoup(output_content, 'html.parser')
             for name, tag in self.encrypted_something.items():
-                #print({'name': name, 'html tag': tag[0], 'type': tag[1]})
+                #logger.debug({'name': name, 'html tag': tag[0], 'type': tag[1]})
                 something_search = soup.findAll(tag[0], { tag[1]: name })
                 if something_search is not None and len(something_search) > 0:
                     # Loop for multi child tags on target element
@@ -275,3 +306,13 @@ def on_post_page(self, output_content, page, config, **kwargs):
                             item['style'] = "display:none"
             output_content = str(soup)
         return output_content
+
+    def on_post_build(self, config):
+        """
+        The post_build event does not alter any variables. 
+        Use this event to call post-build scripts.
+
+        :param config: global configuration object
+        """
+
+

setup.py

@@ -11,7 +11,7 @@ def read(fname):
 
 setup(
     name='mkdocs-encryptcontent-plugin',
-    version='1.0.0',
+    version='1.1.0',
     author='CoinK0in',
     author_email='[email protected]',
     description='A MkDocs plugin that encrypt/decrypt markdown content with AES',