Invoke program to get feed

[alexpdp7]

I've written a small scraper for a website that produces an RSS feed. This works well, but I have to host the scraper as a daemon. I thought it would be cool if Miniflux could invoke an executable to get a feed instead of making an HTTP request. Perhaps an exec:///path/to/program URL scheme.

I think this would enable a few interesting use cases:

• Extending Miniflux to support Gemini subscriptions
• Create feeds that "fix" bad feeds
  • In my case, I follow a site that has good front page content, but which litters their RSS feed with SEO articles. I started blocking keywords, but it was not great doing this with regex.
  • A Google News RSS deduplicator
  • Offloading the "fix summary RSS feeds" that Miniflux already does to a separate tool (which could still be distributed with Miniflux)
• Creating proxies (e.g. fetch this feed through a VPN)
• Creating tools that combine several feeds (e.g. group articles referencing the same URLs?)

I'm not really sure this would be superworthwhile (it would be nice for me, though!), but perhaps someone can find more creative/powerful uses cases.

[fguillot]

Allowing people to run arbitrary commands as some security implications. That would need to be implemented very carefully.

Your approach seems to be the best solution for now.

[wolfhechel]

Interesting idea but dangerous to say the least, especially on hosted instances of miniflux. What's to stop someone from crafting together a malicious configuration? On a bare-metal Linux machine with poorly configured permission policies something like exec:///usr/bin/reboot could have serious consequences.

A solution could be to use a combination of environmental variables and user configurations. For instance:
EXEC_ALIAS="gemini:/usr/bin/gemini-proxy" RUN_MIGRATIONS=1 miniflux
Then user could configure a feed for URL "gemini://urlgoesonandon", the full URL would be passed on to /usr/bin/gemini-proxy as argv[1] and miniflux would anticipate an RSS or Atom feed in stdout.

I reckon anyone who can provision a server with an executable program would have the possibility to alter the environmental variables passed on to miniflux, this feels like a better approach than having to maintain a black/whitelist on the server or within Miniflux codebase.

[alexpdp7]

Adding extra "protocol handlers" as global configuration sounds like a better way, indeed. This would solve my current problem too.