Invoke program to get feed

[alexpdp7]

I've written a small scraper for a website that produces an RSS feed. This works well, but I have to host the scraper as a daemon. I thought it would be cool if Miniflux could invoke an executable to get a feed instead of making an HTTP request. Perhaps an exec:///path/to/program URL scheme.

I think this would enable a few interesting use cases:

• Extending Miniflux to support Gemini subscriptions
• Create feeds that "fix" bad feeds
  • In my case, I follow a site that has good front page content, but which litters their RSS feed with SEO articles. I started blocking keywords, but it was not great doing this with regex.
  • A Google News RSS deduplicator
  • Offloading the "fix summary RSS feeds" that Miniflux already does to a separate tool (which could still be distributed with Miniflux)
• Creating proxies (e.g. fetch this feed through a VPN)
• Creating tools that combine several feeds (e.g. group articles referencing the same URLs?)

I'm not really sure this would be superworthwhile (it would be nice for me, though!), but perhaps someone can find more creative/powerful uses cases.

[fguillot]

Allowing people to run arbitrary commands as some security implications. That would need to be implemented very carefully.

Your approach seems to be the best solution for now.

[wolfhechel]

Interesting idea but dangerous to say the least, especially on hosted instances of miniflux. What's to stop someone from crafting together a malicious configuration? On a bare-metal Linux machine with poorly configured permission policies something like exec:///usr/bin/reboot could have serious consequences.

A solution could be to use a combination of environmental variables and user configurations. For instance:
EXEC_ALIAS="gemini:/usr/bin/gemini-proxy" RUN_MIGRATIONS=1 miniflux
Then user could configure a feed for URL "gemini://urlgoesonandon", the full URL would be passed on to /usr/bin/gemini-proxy as argv[1] and miniflux would anticipate an RSS or Atom feed in stdout.

I reckon anyone who can provision a server with an executable program would have the possibility to alter the environmental variables passed on to miniflux, this feels like a better approach than having to maintain a black/whitelist on the server or within Miniflux codebase.

[alexpdp7]

Adding extra "protocol handlers" as global configuration sounds like a better way, indeed. This would solve my current problem too.

[Mihara]

I happen to have a similar use case - I have a program that reads email notifications from a particular web site and builds an RSS XML file. I still need a static web server for Miniflux to pick it up, but I need a web server to run Miniflux for myself anyway, so that mostly solves the problem.

However, a more flexible solution would be interesting. With the "file+static web server" solution I don't have to run a separate daemon (a cron job is enough) but I can't, for example, trigger feed generation the moment Miniflux arrives to check it, which prevents a plethora of similar but distinct use cases.

A general extra_special:// protocol handler which would, for example, poke an actual daemon over a pre-configured domain socket, whereas this daemon would use the rest of the URL to decide which of the potential feed generators/proxies to invoke and how would be nice.