Support SSE for source updates #197

davidoskky · 2025-04-12T20:51:35Z

davidoskky commented

2025-04-12 20:51:35 +00:00

This PR implements support for Server Side Events when calling the /update endpoint. While this technically supports the new API introduced in 6.1.0, the information is not used in any way.
The information could be used to display a toast message communicating to the user the update progress, but it is unclear whether this is useful or would just clutter the UI.
I removed the authentication information from the header. The /update endpoint requires no authentication and sending authentication information over GET requests can be unsafe.

Types of changes

I have read the CONTRIBUTING document.
My code follows the code style of this project.
I have updated the documentation accordingly.
I have added tests to cover my changes.
All new and existing tests passed.
This is NOT translation related.

This implements feature #140

This PR implements support for Server Side Events when calling the /update endpoint. While this technically supports the new API introduced in 6.1.0, the information is not used in any way. The information could be used to display a toast message communicating to the user the update progress, but it is unclear whether this is useful or would just clutter the UI. I removed the authentication information from the header. The /update endpoint requires no authentication and sending authentication information over GET requests can be unsafe. ## Types of changes - [x] I have read the **CONTRIBUTING** document. - [x] My code follows the code style of this project. - [ ] I have updated the documentation accordingly. - [ ] I have added tests to cover my changes. - [x] All new and existing tests passed. - [x] This is **NOT** translation related. This implements feature #140

davidoskky added 2 commits 2025-04-12 20:51:36 +00:00

Support SSE for source updates a7bc64d61e

This uses the Server Side Events added in Selfoss API 6.1.0 when calling GET /update
This change only supports the new response format but provides no change for the users.
The older versions are still supported.

Remove login information from update request

Check PR code / translations (pull_request) Successful in 38s

Details

Check PR code / Lint (pull_request) Successful in 49s

Details

Check PR code / build (pull_request) Successful in 35s

Details

269937ff09

Removed the username and password in the GET /update request.
The endpoint does not require authentication and it is unsafe to transmit login credentials over GET requests.

davidoskky force-pushed source-update from 269937ff09 to 4b9899c04e

2025-04-12 21:01:01 +00:00

Compare

AmineB commented

2025-04-13 12:48:38 +00:00

I removed the authentication information from the header. The /update endpoint requires no authentication and sending authentication information over GET requests can be unsafe.

Please don't. Older versions of selfoss work like this.
This is also used for BASIC authentication.

> I removed the authentication information from the header. The /update endpoint requires no authentication and sending authentication information over GET requests can be unsafe. Please don't. Older versions of selfoss work like this. This is also used for BASIC authentication.

davidoskky commented

2025-04-13 15:42:57 +00:00

As far as I can see, all versions back up to selfoss 1.1 do not need authentication to trigger sources update. In fact, in every version it is advised to have a cronjob doing a curl on the /update endpoint.
I have not removed authentication for other endpoints, the change is only modifying the request to /update.

As far as I can see, all versions back up to selfoss 1.1 do not need authentication to trigger sources update. In fact, in every version it is advised to have a cronjob doing a curl on the /update endpoint. I have not removed authentication for other endpoints, the change is only modifying the request to /update.

AmineB commented

2025-04-15 19:35:51 +00:00

Sorry about that, I thought that the change was for every call.

Regarding this comment

The information could be used to display a toast message communicating to the user the update progress, but it is unclear whether this is useful or would just clutter the UI.

What's the point of these changes if that does nothing ?

Sorry about that, I thought that the change was for every call. Regarding this comment > The information could be used to display a toast message communicating to the user the update progress, but it is unclear whether this is useful or would just clutter the UI. What's the point of these changes if that does nothing ?

Check PR code / translations (pull_request) Successful in 30s

Details

Check PR code / Lint (pull_request) Successful in 38s

Details

Check PR code / build (pull_request) Successful in 24s

Details

This pull request can be merged automatically.

This branch is out-of-date with the base branch

You are not authorized to merge this pull request.

View command line instructions.

Checkout

From your project repository, check out a new branch and test the changes.

git fetch -u source-update:davidoskky-source-update

git checkout davidoskky-source-update

Sign in to join this conversation.

2 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: Louvorg/ReaderForSelfoss-multiplatform#197