Application Security Testing: An Integral Part of DevOps
If you're a developer and use the Internet at all, you've probably heard of RSS by now. The RSS format provides a Web site a way to easily share its content with other sites or client applications. An RSS feed, or channel, is simply an XML file that uses a set of defined tags to describe the site and a collection of items. Items provide a title, a direct URL, and a description of the item. Different organizations have created several different versions of RSS, but they are all very similar.
Overview of Sample RSS Viewer Application
Displaying RSS feeds or channels is very easy using Visual Basic 2005. To demonstrate, this tutorial walks you through building a very simple RSS viewer. The viewer will enable you to enter the URL for an RSS feed and then it will retrieve the title, description, and link for that channel. It will also retrieve and display a list of items from the feed. It will display the item titles in a listbox, the item URL in a LinkLabel, and the item description and URL in a WebBrowser control (see Figure 1).
Figure 1: A Very Simple RSS Viewer
To simplify the example, I tested it with only RSS 2.0 feeds. Also, I created this application using Visual Basic 2005 Express Edition, which is available for free from Microsoft.
The RSSItem and RSSChannel Classes
Two classes comprise the heart of the RSS Viewer: RSSItem and RSSChannel. The RSSItem class is the first and simpler one. It is a very simple class that does not provide any methods other than the constructor. RSSItem simply encapsulates the Title, Link, and Description properties of an RSS item.
The RSSItem class has three private members and the associated properties to provide access to them. The constructor simply initializes each of the members to an empty string, as follows:
Private m_Title As String Private m_Link As String Private m_Description As String Public Sub New() Title = "" Link = "" Description = "" End Sub
The RSSChannel class is the real heart of the RSS Viewer. It encapsulates the Title, Link, and Description properties for the RSS Channel just like the RSSItem class does for the RSS items. However, its greatest value comes from providing methods for retrieving the RSS channel information and the actual RSS items from the channel.
The RSSChannel class has the same three private members and associated properties as the RSSItem class. It also has a private member and an associated property to store the RSS channel URL. The constructor takes a URL that points to an RSS feed as a parameter. It initializes FeedURL with the URL parameter and each of the remaining members to an empty string. It then calls GetChannelInfo to populate the channel properties, as follows:
Private m_FeedURL As String Private m_Title As String Private m_Link As String Private m_Description As String Public Sub New(ByVal url As String) FeedURL = url Title = "" Link = "" Description = "" GetChannelInfo() End Sub
In the GetChannelInfo subroutine, the code creates an XmlNodeList object and then calls the GetXMLDoc function, passing in the string "rss/channel" as the node path. In return, you receive an XmlNodeList containing the XML that has the Title, Link, and Description of the RSS channel. By using the values in the XmlNodeList, you can set the properties of your RSSChannel class, as follows:
Private Sub GetChannelInfo() Dim rss As XmlNodeList = GetXMLDoc("rss/channel") Title = rss(0).SelectSingleNode("title").InnerText Link = rss(0).SelectSingleNode("link").InnerText Description = rss(0).SelectSingleNode("description").InnerText End Sub
The GetXMLDoc function takes a node path as a parameter. The node path specifies which part of the XML file you're trying to retrieve. The function first creates an empty XmlNodeList in which to store the returned nodes. It then creates a WebRequest and a WebResponse object to request data from the URL and receive the response. After you receive a response, you create a Stream object to hold the data from the GetResponseStream method of the WebResponse object. You then create an XmlDocument object and load the data into it via the Load method. At that point, you can easily access the XML data by using the SelectedNodes method and specifying what node you want to access:
Private Function GetXMLDoc(ByVal node As String) As XmlNodeList Dim tempNodeList As System.Xml.XmlNodeList = Nothing Dim request As WebRequest = WebRequest.Create(Me.FeedURL) Dim response As WebResponse = request.GetResponse() Dim rssStream As Stream = response.GetResponseStream() Dim rssDoc As XmlDocument = New XmlDocument() rssDoc.Load(rssStream) tempNodeList = rssDoc.SelectNodes(node) Return tempNodeList End Function
Next, you use the same GetXMLDoc function to retrieve the actual RSS feed items.
The GetChannelItems subroutine works very much like the GetChannelInfo subroutine. The main difference is that, in this case, you know there will most likely be multiple items, so you use a For Each loop to read in each item and store it in an ArrayList. Once you've processed all of the items, you return the ArrayList object:
Public Function GetChannelItems() As ArrayList Dim tempArrayList As New ArrayList Dim Dim rssItems As XmlNodeList = GetXMLDoc("rss/channel/item") Dim Dim item As XmlNode For Each item In rssItems Dim newItem As New RSSItem With newItem .Title = item.SelectSingleNode("title").InnerText .Link = item.SelectSingleNode("link").InnerText .Description = item.SelectSingleNode("description").InnerText End With tempArrayList.Add(newItem) Next Return tempArrayList End Function
This simple RSS viewer example shows just how easy it is to use RSS feeds in Visual Basic 2005, but you could do much more. For example, you could:
- Add error-handling code, using Try...Catch...Finally, to gracefully handle any errors you may encounter
- Add support for more versions of RSS
- Expand the RSSChannel class to include language, docs, copyright, generator, and so forth, and expand the RSSItem class to include the pubDate, GUID, and comments tags (The application currently handles only the required RSS feed tags.)
- Add support for the image tag (This tag allows feeds to supply a link to an image and a title for it.)
- Add support for accessing more than one RSS feed at a time
- Add database support to remember which RSS feeds you've visited and which items within each feed have already been read
About the Author
Josh Fitzgerald is an applications development group leader for a large medical device company in Warsaw, Indiana. Designing and developing Visual Basic .NET applications is only one of his responsibilities, but it is his favorite part of his job. You can reach Josh at email@example.com.