-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[WIP][FurAffinityBridge] Add new bridge #1083
Conversation
Hmmm.... I kinda have mixed feelings about including the cookie in the code... |
Yeah the whole shared account thing doesn't seem like the best. Also about it being read-only: I imagine one could use it to "log out" without a password which would invalidate the cookie which isn't great either. |
I agree. Cookies reveal no more information than any other API key, so we should treat it the same.
Even if this happens, users will eventually figure out to insert their own personal cookie to make it work. If bridges had access to the settings (separate from the RSS-Bridge settings), it would be possible for server Administrators to specify their own keys without changing the source code. That way we don't have to share keys publicly. It might be worth looking into this if more bridges require authentication in the future. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Impressive bridge, looks good to me 👍
Find below a few comments for consideration. I have no objection against the cookie as mentioned above.
->find('.alt1 table div.no_overflow', 0) | ||
->innertext; | ||
|
||
$this->items[] = $item; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Instead of if($limit-- === 0) break;
above, you can do
$this->items[] = $item; | |
$this->items[] = $item; | |
if (count($this->items) >= $limit) break; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The reason this was done this way was to allow limit = -1 to mean "unlimited", like suggested in the relevant bridge parameters' titles. I added a comment about this in 2563019.
Maybe doing it the way you suggested and having limit = 9999 or such is more obvious for users though. What do you think?
$cache = ($this->getInput('cache') === true); | ||
|
||
foreach($html->find('section.gallery figure') as $figure) { | ||
if($limit-- === 0) break; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same as above
bridges/FurAffinityBridge.php
Outdated
'Content-Type: application/x-www-form-urlencoded', | ||
'Cookie: ' . self::FA_AUTH_COOKIE | ||
); | ||
return getSimpleHTMLDOM($this->getURI(), $header, $opts); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you check what happens if the cookie is invalid?
It might return error 401 which could be translated to a proper error message for the user.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sadly it returns a 200 whether the cookie is valid or not, with an error message on some pages. That could be parsed but for most lists of posts the results are just filtered and otherwise look normal with no error message, so I'm not sure how a faulty cookie could be detected properly.
I suppose sending an additional request at the beginning of collectData
to something like the users settings page would reliably return a page that could be parsed for error messages so maybe that's an option. Do you think it'd be worth it?
Please don't forget to remove the '[WIP]' if this is ready for merge. |
I am agreeing with @logmanoriginal about the credentials. Let's test it while we haven't got any better solution |
Thanks for the PR and for taking in account our suggestions ! Merged ! |
* [FurAffinityBridge] Add new bridge
New bridge for furaffinity.net.
While github.com/boothale/faexport already exists I wanted something integrated with rss-bridge.
FurAffinity requires an authenticated user for most things, so this bridge uses an authentication cookie from a shared FurAffinity account.
As far as I can tell these cookes don't really normally expire, and any write operations with the account should require a password. FurAffinity does have an access log for the account which shows IP addressess of requests which is not ideal though. I'm not sure if there is some better way to handle this. Maybe requiring the user to specify their own cookies, but that doesn't feel too great either. Suggestions are welcome.
This depends on #1057 to work.