Spidering Hacks by Morbus Iff, Tara Calishain

When learning about a technology or way of using technology, it’s always good to ask the big question: why? Why bother to spider? Why take the time to write a spider, make sure it works as expected, get permission from the appropriate site’s owner to use it, make it available to others, and spend time maintaining it? Trust us; once you’ve started using spiders, you’ll find no end to the ways and places they can be used to make your online life easier:

To spider, you must pull information from a web site. To pull information from a web site, you must wade your way through some flavor of tag soup, be it HTML, XML, plain text, or something else entirely. This is an inexact science, to put it mildly. If even one tag or bit of file formatting changes, your spider will probably break, leaving you dataless until such time as you retool. Thankfully, most sites aren’t doing huge revamps every six months like they used to, but they still change often enough that you’ll have to watch out for this.

To minimize the fragility of your scraping, use as little boundary data as you can when gleaning data from the page. Boundary data is the fluff around the actual goodness you want: the tags, superfluous verbiage, spaces, newlines, and such. For example, the title of an average web page looks something like this:

<title>This is the title</title>

If you’re after the title, the boundary data is the <title> and </title> tags.

Monitor your spider’s output on a regular basis to make sure it’s working as expected [Hack #31], make the appropriate adjustments as soon as possible to avoid losing ground with your data gathering, and design your spider to be as adaptive to site redesigns [Hack #32] as possible.

Just because you’re working with the Web doesn’t mean you’re restricted to spidering HTML documents. If you’re considering only web pages, you’re potentially narrowing your dataset arbitrarily. There are images, sounds, movies, PDFs, text files—all worthy of spidering for your collection.

While it’s tempting to think what you’re up to is unique, chances are, someone’s already spidered and scraped the same or similar sites, leaving clear footprints in the form of code, raw data, or instructions.

CPAN (http://www.cpan.org), the Comprehensive Perl Archive Network, is a treasure trove of Perl modules for programming to the Internet, shuffling through text in search of data, manipulating gleaned datasets—all the functionality you’re bound to be building into your spider. And these modules are free to take, use, alter, and augment. Who knows, by the time you finish your spider, perhaps you’ll end up with a module or three of your own to pass on to the next guy.

Before you even start coding, check the site to make sure you’re not spending an awful lot of effort building something the site already offers. If you want a weather forecast delivered to your email inbox every morning, check your local newspaper’s site or sites like weather.com (http://www.weather.com) to see if they offer such a service; they probably do. If you want the site’s content as an RSS feed and they don’t appear to sport that orange “XML” button, try a Google search for it (rss site:example.com ( filetype:rss | filetype:xml | filetype:rdf )) or check Syndic8 (http://www.syndic8.com) for an original or scraped version.

Then, of course, you can always contact the site owner, asking him if he has a particular service or data format available for public consumption. Your query might just be the one that convinces him that an RSS feed of or web service API to his content is a good idea.

See [Hack #100] for more pointers on scraping resources and communities.

Just as it is important to follow certain rules when programming your spider, it’s important to follow certain rules when designing them as well.

When you write your spider, there are some good manners you should follow.

That’s not to say, however, that there aren’t about as many ways to format an HTML page as there are pages on the Web. To understand how your spider might be able to find patterns of information on an HTML page, you’ll need to start with the basics—the very basics—of how an HTML web page looks, and then get into how the information within the body can be organized.

The core of an HTML page looks like this:

<html>
<head>
  <title>
    Title of the page
  </title>
</head>
<body>
  Body of the page
</body>
</html>

That’s it. 99% of the HTML pages on the Web start out like this. They can get a lot more elaborate but, in the end, this is the core. What does this mean to your spider? It means that there’s only one piece of information that’s clearly marked by tags, and that’s the page title. If all you need is the title, you’re in gravy.

But if you need information from the body of a page—say, a headline or a date—you have some detective work ahead of you. Many times, the body of a page has several tables, JavaScript, and other code that obscures what you’re truly looking for—all annoyances that have much more to do with formatting information than truly organizing it. But, at the same time, the HTML language contains several standards for organizing data. Some of these standards make the information larger on the page, representing a heading. Some of the standards organize information into lists within the body. If you understand how the standards work, you’ll find it easier to pluck the information you want from the heavily coded confines of a web page body.

Important information on a page (headlines, subheads, notices, and so forth) are usually noted with an <H x > tag, where x is a number from 1 to 6. An <H1> tag is normally displayed as the largest, as it is highest in the headline hierarchy.

Depending on how the site is using them, you can sometimes get a good summary of information from a site just by scraping the H tags. For example, if you’re scraping a news site and you know they always put headlines in <H2> tags and subheads in <H4> tags, you can scrape for that specific markup and get brief story extractions, without having to figure out the rest of the story’s coding. In fact, if you know a site always does that, you can scrape the entire site just for those tags, without having to look at the rest of the site’s page structure at all.

Not all web wranglers use specific HTML tags to organize lists; some of them just start new numbered paragraphs. But, for the more meticulous page-builder, there are specific tags for lists.

Ordered lists (lists of information that are automatically numbered) are bounded with <ol> and </ol> tags, and each item within is bounded by <li> and </li> tags. If you’re using regular expressions to scrape for information, you can grab everything between <ol> and </ol>, parse each <li></li> element into an array, and go from there. Here’s an ordered list:

<ol>
 <li>eggs</li>
 <li>milk</li>
 <li>butter</li>
 <li>sugar</li>
</ol>

Unordered lists are just like ordered lists, except that they appear in the browser with bullets instead of numbers, and the list is bounded with <ul></ul> instead of <ol></ol>.

Some non-HTML files are just as nebulous as HTML files, while some are far better defined. Plain .txt files, for example (and there are plenty of them available on the Web), have no formatting at all—not even as basic as “this is the title and this is the body.” On the other hand, text files are sometimes easier to parse, because they have no HTML code soup to wade through.

At the other extreme are XML (Extensible Markup Language) files. XML’s parts are defined more rigidly than HTML. RSS, a syndication format and a simple form of XML, has clearly defined parts in its files for titles, content, links, and additional information. We often work with RSS files in this book; the precisely defined parts are easy to parse and write using Perl. See “Using XML::RSS to Repurpose Everything” [Hack #94].

The first thing you’ll need to do when you decide you want to scrape something is determine what kind of file it is. If it’s a plain .txt file, you won’t be able to pinpoint your scraping. If it’s an XML file, you’ll be able to zoom in on what you want with regular expressions, or use any number of Perl XML modules (such as XML::Simple, XML::RSS, or XML::LibXML).

The first thing you want to do is name your spider. Choose a name that gives some kind of indication of what your spider’s about and what it does. Examplebot isn’t a good name. NewsImageScraper is better. If you’re planning to do a lot of development, consider including a version number (such as NewsImageScraper/1.03).

If you’re running several spiders, you might want to consider giving your spider a common name. For example, if Kevin runs different spiders, he might consider giving them a naming convention starting with disobeycom: disobeycomNewsImageScraper, disobeycomCamSpider, disobeycomRSSfeeds, and so on. If you establish your spiders as polite and well behaved, a webmaster who sees a spider named similarly to yours might give it the benefit of the doubt. On the other hand, if you program rude, bandwidth-sucking spiders, giving them similar names makes it easier for webmasters to ban ‘em all (which you deserve).

Considering what you’re going to name your spider might give you what, at first glance, looks like a clever idea: why not just name your spider after one that already exists? After all, most corners of the web make their resources available to the Googlebot; why not just name your spider Googlebot?

As we noted earlier, this is a bad idea for many reasons, including the fact that the owner of the spider you imitate is likely to ice your spider. There are web sites, like http://www.iplists.com, devoted to tracking IP addresses of legitimate spiders. (For example, there’s a whole list associated with the legitimate Googlebot spider.) And second, though there isn’t much legal precedent addressing fraudulent spiders, Google has already established that they don’t take kindly to anyone misappropriating, or even just using without permission, the Google name.

Once you’ve created a spider, you’ll need to register it. But I also believe you should create a web page for it, so a curious and mindful webmaster has to do no more than a quick search to find information. The page should include:

Even if you have a web page that describes your spider, be sure to register your spider at the online database spots. Why? Because webmasters might default to searching databases instead of doing web searches for spider names. Furthermore, webmasters might use databases as a basis for deciding which spiders they’ll allow on their site. Here are some databases to get you started:

If you’ve written a great spider, why not tell the site about it? For a small site, this is relatively easy and painless: just look for the Feedback, About, or Contact links. For larger sites, though, figuring out whom to contact is more difficult. Try the technical contacts first, and then web feedback contacts. I’ve found that public relations contacts are usually best to reach last. Although tempting, because it’s usually easy to find their addresses, PR folk like to concentrate on dealing with press people (which you’re probably not) and they probably won’t know enough programming to understand your request. (PR people, this isn’t meant pejoratively. We still love you. Keep helping us promote O’Reilly books. Kiss, kiss.)

If you absolutely can’t find anyone to reach out to, try these three steps:

Now that you have a contact address, give a line of reasoning for your spider. If you can clearly describe what your spider’s all about, great. But it may get to the point where you have to code up an example to show to the webmaster. If the person you’re talking to isn’t Perl-savvy, consider making a client-side version of your script with Perl2Exe (http://www.indigostar.com/perl2exe.htm) or PAR (http://search.cpan.org/author/AUTRIJUS/PAR) and sending it to her to test drive.

Offer to show her the code. Explain what it does. Give samples of the output. If she really likes it, offer to let her distribute it from her site! Remember, all the average, nonprogramming webmaster is going to hear is “Hi! I wrote this Program and it Does Stuff to your site! Mind if I use it?” Understand if she wants a complete explanation and a little reassurance.

Another good way to make sure that someone knows about your spider is to include contact information in the spider’s User-Agent [Hack #11]. Contact information can be an email or a web address. Whatever it is, be sure to monitor the address and make sure the web site has adequate information.

Despite making contact, getting permission, and putting plenty of information about your spider on the Web, you may still have questions. Is your spider illegal? Are you going to get in trouble for using it?

There are many open issues with respect to the laws relating to the Web, and cases, experts, and scholars—not to mention members of the Web community—disagree heartily on most of them. Getting permission and operating within its limits probably reduces your risk, particularly if the site’s a small one (that is, run by a person or two instead of a corporation). If you don’t have permission and the site’s terms of service aren’t clear, risk is greater. That’s probably also true if you’ve not asked permission and you’re spidering a site that makes an API available and has very overt terms of service (like Google).

Legal issues on the Internet are constantly evolving; the medium is just too new to make sweeping statements about fair use and what’s going to be okay and what’s not. It’s not just how your spider does its work, but also what you do with what you collect. In fact, we need to warn you that just because a hack is in the book doesn’t mean that we can promise that it won’t create risks or that no webmaster will ever consider the hack a violation of the relevant terms of service or some other legal rights.

Use your common sense (don’t suck everything off a web site, put it on yours, and think you’re okay), keep copyright laws in mind (don’t take entire wire service stories and stick them on your site), and ask permission (the worst thing they can say is no, right?). If you’re really worried, your best results will come from talking to an experienced lawyer.

Even with adherence to the terms of service and usage agreements you find on its pages, a web site might simply have a problem with how you’re using its data. There are several ways in which a spider might be obeying the letter of a service agreement yet still doing something unacceptable from the perspective of the owners of the content. For example, a site might say that it doesn’t want its content republished on a web site. Then, a spider comes along and turns its information into an RSS feed. An RSS feed is not, technically speaking, a web page. But the site owners might still find this use unacceptable. There is nothing stopping a disgruntled site from revising its TOS to deny a spider’s access, and then sending you a “cease and desist” letter.

But let’s go beyond that for a minute. Of course we don’t want you to violate Terms of Service, dance with lawyers, and so on. The Terms of Service are there for a reason. Usually, they’re the parameters under which a site needs to operate in order to stay in business. Whatever your spider does, it needs to do it in the spirit of keeping the site from which it draws information healthy. If you write a spider that sucks away all information from advertiser-supported sites, and they can’t sell any more advertising, what happens? The site dies. You lose the site, and your program doesn’t work any more.

Though it’s rarely done in conjunction with spidering, framing data is a long-established legal no-no. Basically, framing data means that you’re putting the content of someone else’s site under a frame of your own design (in effect, branding another site’s data with your own elements). The frame usually contains ads that are paying you for the privilege. Spidering another site’s content and reappropriating it into your own framed pages is bad. Don’t do it.

I shouldn’t even have to say this, but reiteration is a must. If you’re spidering for the purpose of using someone else’s intellectual property on your web site, you’re violating copyright law. I don’t care if your spider is scrupulously obeying a site’s Terms of Service and is the best-behaved spider in the world, it’s still doing something illegal. In this case, you can’t fix the spider; it’s not the code that’s at fault. Instead, you’d better fix the intent of the script you wrote. For more information about copyright and intellectual property on the Web, check out Lawrence Lessig’s weblog at http://www.lessig.org/blog/ (Professor Lessig is a Professor of Law at Stanford Law School); the Electronic Frontier Foundation (http://www.eff.org); and Copyfight, the Politics of IP (http://www.copyfight.org/).

Aggregating data means gathering data from several different places and putting it together in one place. Think of a site that gathers different airline ticket prices in one place, or a site that compares prices from several different online bookstores. These are online aggregators, which represent a gray area in Internet etiquette. Some companies resent their data being aggregated and compared to the data on other sites (like comparison price shopping). Other companies don’t care. Some companies actually have agreements with certain sites to have their information aggregated! You won’t often find this spelled out in a site’s Terms of Service, so when in doubt, ask.

Some sites complain because their competitors access and spider their data—data that’s publicly available to any browser—and use it in their competitive activities. You might agree with them and you might not, but the fact is that such scraping has been the object of legal action in the past. Bidder’s Edge was sued by eBay (http://pub.bna.com/lw/21200.htm) for such a spider.

What’s going to happen if you write a misbehaving spider and unleash it on the world? There are several possibilities. Often, sites will simply block your IP address. In the past, Google has blocked groups of IP addresses in an attempt to keep a single automated process from violating its TOS. Otherwise, the first course of action is usually a “cease and desist” letter, telling you to knock it off. From there, the conflict could escalate into a lawsuit, depending on your response.

Besides the damages that are assessed against people who lose lawsuits, some of the laws governing content and other web issues—for example, copyright laws—carry criminal penalities, which means fines and imprisonment in really extreme situations.

Writing a misbehaving spider is rarely going to have the police kicking down your door, unless you write something particularly egregious, like something that floods a web site with data or otherwise interferes with that site’s ability to operate (referred to as denial of service). But considering lawyer’s fees, the time it’ll take out of your life, and the monetary penalties that might be imposed on you, a lawsuit is bad enough, and it’s a good enough reason to make sure that your spiders are behaving and your intent is fair.

To keep an eye on ongoing legal and scraping issues, try the Blawg Search (http://blawgs.detod.com/) search engine, which indexes only weblogs that cover legal issues and events. Try a search for spider, scraper, or spider lawsuit. If you’re really interested, note that Blawg Search’s results are also available as an RSS feed for use in popular syndicated news aggregators. You could use one of the hacks in this book and start your own uber-RSS feed for intellectual property concerns.

Other resources for keeping on top of brewing and current legal issues include: Slashdot (http://slashdot.org/search.pl?topic=123), popular geek hangout; the Electronic Freedom Foundation (http://www.eff.org), keeping tabs on digital rights; and the Berkman Center for Internet & Society at Harvard Law School (http://cyber.law.harvard.edu/home/), a research program studying cyberspace and its implications.

An arbitrary classification system is either not based on an established taxonomy or only loosely based on an established taxonomy. If I give 10 photographs unique codes based on their topics and how much blue they have in them, I have established an arbitrary classification system.

The arbitrary classification system’s usefulness is limited. You cannot use its identifying code on other sites. You might be able to detect a pattern in it that allows you to spider large volumes of data, but, on the other hand, you may not. (In other words, files labeled 10A, 10B, 10C, and 10D might be useful, but files labeled CMSH113, LFFD917, and MDFS214 would not.)

The most overt example of classification systems that use an established universal taxonomy is a library card catalog that follows the Dewey Decimal, Library of Congress, or other established classification.

The benefit of such systems is mixed. Say I look up Google Hacks at the University of Tulsa. I’ll discover that the LOC number is ZA4251.G66 C3 2003. Now, if I plug that number into Google, I’ll find about 13 results. Here’s the cool part: the results will be from a variety of libraries. So, if I wanted to, I could plug that search into Google and find other libraries that carry Google Hacks and extend that idea into a spidering script [Hack #65].

That’s the good thing. The bad thing is that such a search won’t list all libraries that carry Google Hacks. Other libraries have different classification systems, so if you’re looking for a complete list of libraries carrying the book, you’re not going to find it solely with this method. But you may find enough libraries to work well enough for your needs.

Beyond site classifications that are based on an established taxonomy, there are systems that use an identification number that is universally recognized and applied. Examples of such systems include:

This list barely scratches the surface. Of course, you can go even further, including unique characteristics such as latitude and longitude, other business identification numbers, or even area codes. The challenge is identifying a unique classification number that requires context that’s minimal enough to make it usable by your spider. "918" is a three-number string that has plenty of search results beyond just those related to area codes. So, you might not be able to find a way to eliminate your false positives when building a spider that depends on area codes for results.

On the other hand, an extended classification number, such as an LOC catalog number or ISBN, is going to have few, if any, false positives. The longer or more complicated an identifying number is, the better it serves the purposes of spidering.

There are several places online that use unique classification numbers, which you can use across other sites. Here are a few you might want to play with:

GuideStar, a database of nonprofit organizations, has a search page that allows you to search by EIN (http://www.guidestar.org/search/). A variety of other business databases also allow you to search by EIN.