URL shortening / anonymising

[Dinth]

Is your feature request related to a problem? Please describe.

I would like to setup RSS bridge generating some feeds (for example from OpenCVE) for use at work. Unfortunately, currently the feeds generated by rss-bridge contain all the details (like access credentials to the third party) within the url, so adding the link to rss-bridge feed into some scripts at work would also require me to share my OpenCVE credentials with my workmates.
Additionally, it opens rss-bridge to abuse in such scenario, when someone can freely modify the feed url to use it for personal reasons or even potentially inject some code through GET method.
Currently OpenCVE is a problem, but also i had some more advanced uses of rss-bridge in mind which unfortunately i wont be able to do in the current form (as they wont be share'able).

Describe the solution you'd like
I think that the easiest solution would be adding an pseudo-"url shortening" functionality to rss-bridge. Each generated feed within rss-bridge could have an ID assigned (lets say five-six random characters) and going to <rss-bridge.domain>/ would allow accessing it. Such access could not require credentials, while accessing the main (admin) url, would.

Describe alternatives you've considered
I was not able to think about any other alternatives.

[dvikan]

a solution: bridges can have private config

see https://rss-bridge.github.io/rss-bridge/Bridge_Specific

[NotsoanoNimus]

@Dinth The branch from the PR above (#4171) will most likely get you what you're looking for out-of-the-box. Give it a read and see if that's what you'd like to use.

[Dinth]

@NotsoanoNimus Legend!

[Dinth]

@NotsoanoNimus what happened with the PR? I was just about to clone your repository :(

[NotsoanoNimus]

@NotsoanoNimus what happened with the PR? I was just about to clone your repository :(

Howdy, sorry about the confusion. If you're looking for this feature, you can pull from my divergent fork of this project. It has URL encryption/masking built in, but still left as an optional feature to enable.

[Mynacol]

I was just looking at the PR before I noticed it was closed by its author.
Protecting credentials is of course important and the existing private config method is only available to self-hosters. So there is a hole to be filled.

However, a part of me thinks generally encrypting the URL is against the spirit of this project, as it prevents users modifying the parameters. In the meantime, supporting the protection of credentials in all bridges with the private config method is a good idea and I hope self-hosting is easy enough.

[Dinth]

@NotsoanoNimus: would it be possible for you to create a docker repo on docker hub?

@Mynacol i think that its not only this project's spirit, but generally an OSS spirit to give users freedom of using software as they're pleased. But i believe that currently (and sorry i dont mean to attack anyone - rss-bridge is amazing piece of software and i appreciate every line of code in it!), the freedom of using rss-bridge is severly limited: I can either do an instance only for myself, or fully open the instance for everyone around the world - not only to access it, but to use it in any way they want. And that's only if i have unlimited bandwidth on my internet connection, because with fully public instance people may and probably will abuse it. There's not much in between. Not to mention using rss-bridge in a more professional environment" let's say i would like to host something on a corporate server, but someone will modify the url, generating a feed for some illegal content and share the link (to a company owned subdoimain) online.