.

Author: gildesmarais

.github/workflows/ci.yml

@@ -74,11 +74,6 @@ jobs:
       - name: Build frontend
         run: npm run build
 
-      - name: Verify build output
-        run: |
-          grep -q "html2rss-web" dist/index.html
-          grep -q "Feed Gallery" dist/gallery/index.html
-
   docker-test:
     if: github.event_name == 'push'
     needs:

app.rb

@@ -42,14 +42,14 @@ def development? = self.class.development?
       opts[:check_dynamic_arity] = false
       opts[:check_arity] = :warn
       use Rack::Cache, metastore: 'file:./tmp/rack-cache-meta', entitystore: 'file:./tmp/rack-cache-body',
-                       verbose: false
+                       verbose: development?
 
       plugin :content_security_policy do |csp|
         csp.default_src :none
         csp.style_src :self, "'unsafe-inline'"
         csp.script_src :self, "'unsafe-inline'"
         csp.connect_src :self
-        csp.img_src :self, 'data:', 'blob:'
+        csp.img_src :self
         csp.font_src :self, 'data:'
         csp.form_action :self
         csp.base_uri :none

app/account_manager.rb

@@ -7,46 +7,38 @@ module Web
     ##
     # Account management functionality
     module AccountManager
-      module_function
+      class << self
+        # @param token [String]
+        # @return [Hash, nil]
+        def get_account(token)
+          return nil unless token && token_index.key?(token)
 
-      # @param token [String]
-      # @return [Hash, nil]
-      def get_account(token)
-        return nil unless token && token_index.key?(token)
+          token_index[token]
+        end
 
-        token_index[token]
-      end
+        # @return [Array<Hash>]
+        def accounts
+          @accounts ||= begin # rubocop:disable ThreadSafety/ClassInstanceVariable
+            auth_config = LocalConfig.global[:auth]
 
-      # @return [Hash] token to account mapping
-      def token_index
-        @token_index ||= build_token_index # rubocop:disable ThreadSafety/ClassInstanceVariable
-      end
+            auth_config&.dig(:accounts) ? auth_config[:accounts].transform_keys(&:to_sym) : []
+          end
+        end
 
-      # @return [Hash]
-      def build_token_index
-        accounts.each_with_object({}) { |account, hash| hash[account[:token]] = account }
-      end
+        # @param username [String]
+        # @return [Hash, nil]
+        def get_account_by_username(username)
+          return nil unless username
 
-      # @return [Array<Hash>]
-      def accounts
-        auth_config = LocalConfig.global[:auth]
-        return [] unless auth_config&.dig(:accounts)
-
-        auth_config[:accounts].map do |account|
-          {
-            username: account[:username].to_s,
-            token: account[:token].to_s,
-            allowed_urls: Array(account[:allowed_urls]).map(&:to_s)
-          }
+          accounts.find { |account| account[:username] == username }
         end
-      end
 
-      # @param username [String]
-      # @return [Hash, nil]
-      def get_account_by_username(username)
-        return nil unless username
+        private
 
-        accounts.find { |account| account[:username] == username }
+        # @return [Hash] token to account mapping
+        def token_index
+          @token_index ||= accounts.each_with_object({}) { |account, hash| hash[account[:token]] = account } # rubocop:disable ThreadSafety/ClassInstanceVariable
+        end
       end
     end
   end

app/api/v1/strategies.rb

@@ -16,8 +16,7 @@ def index(_request)
                 {
                   id: name.to_s,
                   name: name.to_s,
-                  display_name: name.to_s.split('_').map(&:capitalize).join(' '),
-                  available: true
+                  display_name: name.to_s.split('_').map(&:capitalize).join(' ')
                 }
               end
 

app/auth_utils.rb

@@ -8,24 +8,24 @@ module Web
     ##
     # Authentication utility functions
     module AuthUtils
-      module_function
+      class << self
+        # @param username [String]
+        # @param url [String]
+        # @param token [String]
+        # @return [String] 16-character hex feed ID
+        def generate_feed_id(username, url, token)
+          content = "#{username}:#{url}:#{token}"
+          Digest::SHA256.hexdigest(content)[0..15]
+        end
 
-      # @param username [String]
-      # @param url [String]
-      # @param token [String]
-      # @return [String] 16-character hex feed ID
-      def generate_feed_id(username, url, token)
-        content = "#{username}:#{url}:#{token}"
-        Digest::SHA256.hexdigest(content)[0..15]
-      end
-
-      # Escapes XML special characters to prevent injection attacks
-      # @param text [String]
-      # @return [String]
-      def sanitize_xml(text)
-        return '' unless text
+        # Escapes XML special characters to prevent injection attacks
+        # @param text [String]
+        # @return [String]
+        def sanitize_xml(text)
+          return '' unless text
 
-        CGI.escapeHTML(text.to_s)
+          CGI.escapeHTML(text.to_s)
+        end
       end
     end
   end

app/auto_source.rb

@@ -11,68 +11,70 @@ module Web
     ##
     # Auto source functionality for generating RSS feeds from any website
     module AutoSource
-      module_function
-
-      # @return [Boolean]
-      def enabled?
-        if EnvironmentValidator.development?
-          ENV.fetch('AUTO_SOURCE_ENABLED', nil) != 'false'
-        else
-          ENV.fetch('AUTO_SOURCE_ENABLED', nil) == 'true'
+      class << self
+        # @return [Boolean]
+        def enabled?
+          if EnvironmentValidator.development?
+            ENV.fetch('AUTO_SOURCE_ENABLED', nil) != 'false'
+          else
+            ENV.fetch('AUTO_SOURCE_ENABLED', nil) == 'true'
+          end
         end
-      end
 
-      def create_stable_feed(name, url, token_data, strategy = 'ssrf_filter')
-        return nil unless url_allowed_for_token?(token_data, url)
+        def create_stable_feed(name, url, token_data, strategy = 'ssrf_filter')
+          return nil unless url_allowed_for_token?(token_data, url)
 
-        feed_id = AuthUtils.generate_feed_id(token_data[:username], url, token_data[:token])
-        feed_token = Auth.generate_feed_token(token_data[:username], url)
-        return nil unless feed_token
+          feed_id = AuthUtils.generate_feed_id(token_data[:username], url, token_data[:token])
+          feed_token = Auth.generate_feed_token(token_data[:username], url)
+          return nil unless feed_token
 
-        identifiers = { feed_id: feed_id, feed_token: feed_token }
+          identifiers = { feed_id: feed_id, feed_token: feed_token }
 
-        build_feed_data(name, url, token_data, strategy, identifiers)
-      end
+          build_feed_data(name, url, token_data, strategy, identifiers)
+        end
 
-      # @param token_data [Hash]
-      # @param url [String]
-      # @return [Boolean]
-      def url_allowed_for_token?(token_data, url)
-        account = AccountManager.get_account_by_username(token_data[:username])
-        return false unless account
+        def generate_feed_from_stable_id(feed_id, token_data)
+          return nil unless token_data
 
-        UrlValidator.url_allowed?(account, url)
-      end
+          # Reconstruct feed data from token and feed_id
+          # Stateless operation
+          {
+            id: feed_id,
+            url: nil, # Will be provided in request
+            username: token_data[:username],
+            strategy: 'ssrf_filter'
+          }
+        end
 
-      def generate_feed_from_stable_id(feed_id, token_data)
-        return nil unless token_data
+        def generate_feed_content(url, strategy = 'ssrf_filter')
+          feed_content = FeedGenerator.call_strategy(url, strategy)
+          FeedGenerator.process_feed_content(url, strategy, feed_content)
+        end
 
-        # Reconstruct feed data from token and feed_id
-        # Stateless operation
-        {
-          id: feed_id,
-          url: nil, # Will be provided in request
-          username: token_data[:username],
-          strategy: 'ssrf_filter'
-        }
-      end
+        private
 
-      def generate_feed_content(url, strategy = 'ssrf_filter')
-        feed_content = FeedGenerator.call_strategy(url, strategy)
-        FeedGenerator.process_feed_content(url, strategy, feed_content)
-      end
+        # @param token_data [Hash]
+        # @param url [String]
+        # @return [Boolean]
+        def url_allowed_for_token?(token_data, url)
+          account = AccountManager.get_account_by_username(token_data[:username])
+          return false unless account
 
-      def build_feed_data(name, url, token_data, strategy, identifiers)
-        public_url = "/api/v1/feeds/#{identifiers[:feed_token]}"
+          UrlValidator.url_allowed?(account, url)
+        end
+
+        def build_feed_data(name, url, token_data, strategy, identifiers)
+          public_url = "/api/v1/feeds/#{identifiers[:feed_token]}"
 
-        {
-          id: identifiers[:feed_id],
-          name: name,
-          url: url,
-          username: token_data[:username],
-          strategy: strategy,
-          public_url: public_url
-        }
+          {
+            id: identifiers[:feed_id],
+            name: name,
+            url: url,
+            username: token_data[:username],
+            strategy: strategy,
+            public_url: public_url
+          }
+        end
       end
     end
   end