Skip to main content

classify_feed_privacy

Function classify_feed_privacy 

Source
pub fn classify_feed_privacy(url: &str) -> FeedPrivacy
Expand description

Classify whether a feed URL carries a secret credential in the URL itself.

Returns FeedPrivacy::Private (with a reason) when the URL looks like it embeds a token / key / auth credential, else FeedPrivacy::Public.

Design — provider-agnostic first. The primary defence is a generic credential-in-URL heuristic that catches paid feeds from any provider, not just the ones we’ve named; a secondary known-provider table adds precision (and a nicer reason) for the common paid newsletters and private podcasts. We deliberately bias toward flagging: a false-positive block of a public feed is low-harm (the user just can’t add that one feed yet), whereas a false negative would leak a paid secret onto the public network — high-harm.

Detection (any one is sufficient):

  1. Userinfohttps://user:pass@host/… embeds credentials directly.
  2. Known private-feed path markers — [PRIVATE_PATH_MARKERS] (/feed/private/, /members/, /subscriber/, …).
  3. Credential query parameters — a query key in [SECRET_QUERY_KEYS] with a long/opaque value (Patreon ?auth=, Ghost ?uuid=, ?token=, …).
  4. High-entropy opaque token segments — a long opaque blob (hex ≥ 16, base64url ≥ 16, or a UUID) anywhere in the path or a query value, even without a telltale name.
  5. Known providers — [KNOWN_PROVIDERS] host (+ optional marker) match.

An unparseable URL is treated as FeedPrivacy::Public: the add path rejects a malformed URL downstream anyway, and we don’t want a parse quirk to misclassify.