improve auto_source ux

Author: gildesmarais

app.rb

@@ -13,6 +13,7 @@
 require_relative 'app/api_routes'
 require_relative 'app/response_helpers'
 require_relative 'app/static_file_helpers'
+require_relative 'app/xml_builder'
 
 module Html2rss
   module Web

app/auto_source.rb

@@ -2,6 +2,7 @@
 
 require 'uri'
 require_relative 'auth'
+require_relative 'xml_builder'
 
 module Html2rss
   module Web
@@ -87,50 +88,64 @@ def generate_feed_from_stable_id(feed_id, token_data)
       end
 
       def generate_feed_content(url, strategy = 'ssrf_filter')
-        call_strategy(url, strategy)
+        feed_content = call_strategy(url, strategy)
+
+        # Check if feed is empty and provide better error handling
+        if feed_content.respond_to?(:to_s)
+          feed_xml = feed_content.to_s
+          if feed_xml.include?('<item>') == false
+            # Feed has no items - this might be a content extraction issue
+            return create_empty_feed_warning(url, strategy)
+          end
+        end
+
+        feed_content
+      end
+
+      def create_empty_feed_warning(url, strategy)
+        site_title = extract_site_title(url)
+        XmlBuilder.build_empty_feed_warning(
+          url: url,
+          strategy: strategy,
+          site_title: site_title
+        )
       end
 
+      # rubocop:disable Metrics/MethodLength
       def call_strategy(url, strategy)
         config = {
           stylesheets: [{ href: '/rss.xsl', type: 'text/xsl' }],
           strategy: strategy.to_sym,
           channel: {
             url: url,
-            title: "Auto-generated feed for #{url}"
+            title: extract_channel_title(url)
           },
-          auto_source: {}
+          auto_source: {
+            # Auto source configuration for automatic content detection
+            # This allows Html2rss to automatically detect content on the page
+          }
         }
 
         Html2rss.feed(config)
       end
+      # rubocop:enable Metrics/MethodLength
 
-      def error_feed(message)
-        sanitized_message = Auth.sanitize_xml(message)
-        build_rss_feed('Error', "Failed to generate auto-source feed: #{sanitized_message}", sanitized_message)
+      def extract_channel_title(url)
+        Html2rss::Url.for_channel(url).channel_titleized || 'RSS Feed'
       end
 
-      def access_denied_feed(url)
-        sanitized_url = Auth.sanitize_xml(url)
-        title = 'Access Denied'
-        description = 'This URL is not allowed for public auto source generation.'
-        item_description = "URL '#{sanitized_url}' is not in the allowed list for public auto source."
-        build_rss_feed(title, description, item_description)
+      def extract_site_title(url)
+        Html2rss::Url.for_channel(url).channel_titleized
+      rescue StandardError
+        nil
+      end
+
+      def error_feed(message)
+        XmlBuilder.build_error_feed(message: message)
       end
 
-      def build_rss_feed(title, description, item_description)
-        <<~RSS
-          <?xml version="1.0" encoding="UTF-8"?>
-          <rss version="2.0">
-            <channel>
-              <title>#{title}</title>
-              <description>#{description}</description>
-              <item>
-                <title>#{title}</title>
-                <description>#{item_description}</description>
-              </item>
-            </channel>
-          </rss>
-        RSS
+      def access_denied_feed(url)
+        XmlBuilder.build_access_denied_feed(url)
       end
     end
   end

app/feeds.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require_relative 'auth'
+require_relative 'xml_builder'
 
 module Html2rss
   module Web
@@ -28,24 +29,7 @@ def generate_feed(feed_name, params = {})
       end
 
       def error_feed(message)
-        sanitized_message = Auth.sanitize_xml(message)
-        build_error_rss(sanitized_message)
-      end
-
-      def build_error_rss(sanitized_message)
-        <<~RSS
-          <?xml version="1.0" encoding="UTF-8"?>
-          <rss version="2.0">
-            <channel>
-              <title>Error</title>
-              <description>Failed to generate feed: #{sanitized_message}</description>
-              <item>
-                <title>Error</title>
-                <description>#{sanitized_message}</description>
-              </item>
-            </channel>
-          </rss>
-        RSS
+        XmlBuilder.build_error_feed(message: message)
       end
     end
   end

app/response_helpers.rb

@@ -0,0 +1,61 @@
+# frozen_string_literal: true
+
+module Html2rss
+  module Web
+    ##
+    # Response helper methods for the main App class
+    module ResponseHelpers
+      module_function
+
+      def unauthorized_response
+        response.status = 401
+        response['WWW-Authenticate'] = 'Basic realm="Auto Source"'
+        'Unauthorized'
+      end
+
+      def forbidden_origin_response
+        response.status = 403
+        'Origin is not allowed.'
+      end
+
+      def access_denied_response(url)
+        response.status = 403
+        response['Content-Type'] = 'application/xml'
+        AutoSource.access_denied_feed(url)
+      end
+
+      def not_found_response
+        response.status = 404
+        'Feed not found'
+      end
+
+      def bad_request_response(message)
+        response.status = 400
+        message
+      end
+
+      def method_not_allowed_response
+        response.status = 405
+        'Method Not Allowed'
+      end
+
+      def internal_error_response
+        response.status = 500
+        'Internal Server Error'
+      end
+
+      def set_auto_source_headers
+        response['Content-Type'] = 'application/xml'
+        response['Cache-Control'] = 'private, must-revalidate, no-cache, no-store, max-age=0'
+        response['X-Content-Type-Options'] = 'nosniff'
+        response['X-XSS-Protection'] = '1; mode=block'
+      end
+
+      def health_check_unauthorized
+        response.status = 401
+        response['WWW-Authenticate'] = 'Bearer realm="Health Check"'
+        'Unauthorized'
+      end
+    end
+  end
+end

app/static_file_helpers.rb

@@ -0,0 +1,82 @@
+# frozen_string_literal: true
+
+module Html2rss
+  module Web
+    ##
+    # Static file handling helpers for the main App class
+    module StaticFileHelpers
+      module_function
+
+      def handle_static_files(router)
+        router.on do
+          if router.path_info == '/'
+            serve_root_path
+          else
+            serve_astro_files(router)
+          end
+        end
+      end
+
+      def serve_root_path
+        index_path = 'public/frontend/index.html'
+        response['Content-Type'] = 'text/html'
+
+        if File.exist?(index_path)
+          File.read(index_path)
+        else
+          fallback_html
+        end
+      end
+
+      def fallback_html
+        <<~HTML
+          <!DOCTYPE html>
+          <html>
+          <head>
+            <title>html2rss-web</title>
+            <link rel="stylesheet" href="/water.css">
+          </head>
+          <body>
+            <h1>html2rss-web</h1>
+            <p>Convert websites to RSS feeds</p>
+            <p>API available at <code>/api/</code></p>
+          </body>
+          </html>
+        HTML
+      end
+
+      def serve_astro_files(router)
+        astro_path = "public/frontend#{router.path_info}"
+        if File.exist?("#{astro_path}/index.html")
+          serve_astro_file("#{astro_path}/index.html")
+        elsif File.exist?(astro_path) && File.file?(astro_path)
+          serve_astro_file(astro_path)
+        else
+          not_found_response
+        end
+      end
+
+      def serve_astro_file(file_path)
+        response['Content-Type'] = 'text/html'
+        File.read(file_path)
+      end
+
+      ##
+      # Validate and decode Base64 string safely
+      # @param encoded_string [String] Base64 encoded string
+      # @return [String, nil] decoded string if valid, nil if invalid
+      def validate_and_decode_base64(encoded_string)
+        return nil unless encoded_string.is_a?(String)
+        return nil if encoded_string.empty?
+
+        # Check if string contains only valid Base64 characters
+        return nil unless encoded_string.match?(%r{\A[A-Za-z0-9+/]*={0,2}\z})
+
+        # Attempt to decode
+        Base64.decode64(encoded_string)
+      rescue ArgumentError
+        nil
+      end
+    end
+  end
+end