Code review of feed to html console application

Hi there

I’ve written a console application in Rust and would like some feedback on where I could improve:

  • readability
  • pitfalls
  • general usage of Rust

The source code is located here: feed2html_rs

My program reads a list of RSS or Atom feeds from a SQLite3 database and saves the entries back to the database. Code for this is located in src/read/

Then it writes all entries to a static HTML file for each feed and this code is located in src/write/

And lastly it uploads the static HTML files to an FTP server for later browsing, and you’ll find the code in src/upload/

You’re welcome to dig into any parts of the code if you want.

I welcome any constructive criticism you might have

  • Escape all values you insert into HTML. Inconsistent handling of entities and HTML in feeds is a pain for creators, and in some cases could be an XSS risk for consumers.

  • path.join() doesn’t care about the content of the argument, so join("a").join("b") can be join("a/b").

  • Interesting that you put extern crate in each module. I put them all in the root. Fortunately they’re all going away in Rust 2018 :slight_smile:

  1. Check. Seems reasonable and the right thing to do. By escaping my HTML are you referring to any script tags there might be in the source?
  2. I was chaining path.join() because I wanted to be sure it worked on Windows as well as on *nix, and I didn’t think of trying your suggestion.
  3. I was getting compile-time errors when having all extern crate in root, so I moved them into each module, knowing I would repeat some of them. Good to know they are going away.

And lastly thanks for the feedback

I’m referring to every single value, like URLs and titles, that you put in HTML. Everything that is not explicitly formatted markup should be escaped. I use ructe templates to automatically escape all variables. In case you’d be printing descriptions (which are HTML), you can use ammonia to remove potential invalid/unsafe HTML from them.


Ahh :bulb:. And thank you for the links :+1:
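The escaping advice given in the replies above, as an added example that is not part of the thread or of feed2html_rs: a std-only sketch that escapes a feed title and URL before writing them into a link. The function names, the `<li>` markup and the sample entries are assumptions, and the http(s)-only check goes one step beyond the thread, because escaping alone does not make a `javascript:` URL safe inside `href`.

```rust
/// Escape the five characters that are significant in HTML text and in
/// quoted attribute values.
fn escape_html(input: &str) -> String {
    let mut out = String::with_capacity(input.len());
    for c in input.chars() {
        match c {
            '&' => out.push_str("&amp;"),
            '<' => out.push_str("&lt;"),
            '>' => out.push_str("&gt;"),
            '"' => out.push_str("&quot;"),
            '\'' => out.push_str("&#x27;"),
            _ => out.push(c),
        }
    }
    out
}

/// Only http(s) URLs become links (assumption: feed entries need nothing else).
fn is_web_url(url: &str) -> bool {
    let lower = url.trim().to_ascii_lowercase();
    lower.starts_with("http://") || lower.starts_with("https://")
}

/// Render one feed entry as a list item (hypothetical markup).
fn render_entry(title: &str, url: &str) -> String {
    let title = escape_html(title);
    if is_web_url(url) {
        format!("<li><a href=\"{}\">{}</a></li>", escape_html(url.trim()), title)
    } else {
        // Unknown scheme: show the title as plain text, without a link.
        format!("<li>{}</li>", title)
    }
}

fn main() {
    // Constructed sample entries, as they might come out of the database.
    let entries = [
        ("Rust 2018 & beyond", "https://example.com/post?a=1&b=2"),
        ("<script>alert(1)</script>", "https://example.com/\" onclick=\"x"),
        ("Odd link", "javascript:alert(1)"),
    ];
    for (title, url) in entries.iter() {
        println!("{}", render_entry(title, url));
    }
}
```

Entry descriptions that are themselves HTML are a separate case: they need a sanitizer such as the ammonia crate mentioned above, not this escaping function.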