diff --git a/pdns/recursordist/rec-rust-lib/docs-new-preamble-in.rst b/pdns/recursordist/rec-rust-lib/docs-new-preamble-in.rst
index 7316d398bf09..90826c0a8fa9 100644
--- a/pdns/recursordist/rec-rust-lib/docs-new-preamble-in.rst
+++ b/pdns/recursordist/rec-rust-lib/docs-new-preamble-in.rst
@@ -540,7 +540,7 @@ As of version 5.3.0, an incoming web server configuration is defined as
    addresses: [] Sequence of SocketAddress
    tls:
      certificates: file containing full certificate chain in PEM format
-     key: file contaiing private key in PEM format
+     key: file containing private key in PEM format
 
 
 A :ref:`setting-yaml-webservice.listen` section contains a sequence of `IncomingWSConfig`_, for example:
diff --git a/pdns/recursordist/rec-rust-lib/rust/src/misc.rs b/pdns/recursordist/rec-rust-lib/rust/src/misc.rs
index f3999afa0abc..81f97694e605 100644
--- a/pdns/recursordist/rec-rust-lib/rust/src/misc.rs
+++ b/pdns/recursordist/rec-rust-lib/rust/src/misc.rs
@@ -1,3 +1,25 @@
+/*
+ * This file is part of PowerDNS or dnsdist.
+ * Copyright -- PowerDNS.COM B.V. and its contributors
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ *
+ * In addition, for the avoidance of any doubt, permission is granted to
+ * link this program with OpenSSL and to (re)distribute the binaries
+ * produced as the result of such linking.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
 #[cxx::bridge(namespace = "pdns::rust::misc")]
 pub mod rustmisc {
 
diff --git a/pdns/recursordist/rec-rust-lib/rust/src/web.rs b/pdns/recursordist/rec-rust-lib/rust/src/web.rs
index d131b163aff9..e4cb207651d4 100644
--- a/pdns/recursordist/rec-rust-lib/rust/src/web.rs
+++ b/pdns/recursordist/rec-rust-lib/rust/src/web.rs
@@ -1,10 +1,28 @@
+/*
+ * This file is part of PowerDNS or dnsdist.
+ * Copyright -- PowerDNS.COM B.V. and its contributors
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ *
+ * In addition, for the avoidance of any doubt, permission is granted to
+ * link this program with OpenSSL and to (re)distribute the binaries
+ * produced as the result of such linking.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
 /*
 TODO
 - Table based routing?
-- Authorization: metrics and plain files (and more?) are not subject to password auth plus the code needs a n careful audit.
-- Code is now in settings dir. It's only possible to split the modules into separate Rust libs if we
-  use shared libs (in theory, I did not try). Currently all CXX using Rust cargo's must be compiled
-  as one and refer to a single static Rust runtime
 - Ripping out yahttp stuff, providing some basic classes only. ATM we do use a few yahttp include files (but no .cc)
 - Some classes (NetmaskGroup, ComboAddress) need a UniquePtr Wrapper to keep them opaque (iputils
   cannot be included without big headages in bridge.hh at the moment). We could seperate
@@ -112,6 +130,7 @@ fn nonapi_wrapper(
     }
 }
 
+#[allow(clippy::too_many_arguments)]
 fn file_wrapper(
     ctx: &Context,
     handler: FileFunc,
@@ -139,6 +158,7 @@ fn file_wrapper(
     handler(ctx, method, path, request, response);
 }
 
+#[allow(clippy::too_many_arguments)]
 fn api_wrapper(
     logger: &cxx::SharedPtr<rustweb::Logger>,
     ctx: &Context,
@@ -322,7 +342,7 @@ type FileFunc = fn(
     response: &mut rustweb::Response,
 );
 
-// Match a request and return the function that imlements it, this should probably be table based.
+// Match a request and return the function that implements it, this should probably be table based.
 fn matcher(
     method: &Method,
     path: &str,
@@ -1023,6 +1043,7 @@ unsafe impl Send for rustmisc::Logger {}
 unsafe impl Sync for rustmisc::Logger {}
 
 #[cxx::bridge(namespace = "pdns::rust::web::rec")]
+#[allow(clippy::needless_lifetimes)] // Needed to avoid clippy warning for Request
 mod rustweb {
     extern "C++" {
         type CredentialsHolder;
@@ -1070,7 +1091,7 @@ mod rustweb {
     }
 
     // Clippy does not seem to understand what cxx does and complains about needless_lifetimes
-    // I was unable to silence that warning
+    // The warning is silenced that warning above
     struct Request<'a> {
         body: Vec<u8>,
         uri: String,
diff --git a/pdns/recursordist/ws-recursor.cc b/pdns/recursordist/ws-recursor.cc
index 69969d50ecb6..d09286caa304 100644
--- a/pdns/recursordist/ws-recursor.cc
+++ b/pdns/recursordist/ws-recursor.cc
@@ -1033,6 +1033,9 @@ void serveRustWeb()
   else if (configLevel == "detailed") {
     loglevel = pdns::rust::misc::LogLevel::Detailed;
   }
+  // This function returns after having created the web server object that handles the requests.
+  // That object and its runtime are associated with a Posix thread that waits until all tasks are
+  // done, which normally never happens. See rec-rust-lib/rust/src/web.rs for details
   pdns::rust::web::rec::serveweb(config, ::rust::Slice<const ::rust::String>{urls.data(), urls.size()}, std::move(password), std::move(apikey), std::move(aclPtr), std::move(logPtr), loglevel);
 }
 
@@ -1049,12 +1052,12 @@ static void fromCxxToRust(const HttpResponse& cxxresp, pdns::rust::web::rec::Res
   }
 }
 
-// Convert what we receive from Rust into C++ data, call funtions and convert results back to Rust data
+// Convert what we receive from Rust into C++ data, call functions and convert results back to Rust data
 static void rustWrapper(const std::function<void(HttpRequest*, HttpResponse*)>& func, const pdns::rust::web::rec::Request& rustRequest, pdns::rust::web::rec::Response& rustResponse)
 {
   HttpRequest request;
   HttpResponse response;
-  request.body = std::string(reinterpret_cast<const char*>(rustRequest.body.data()), rustRequest.body.size());
+  request.body = std::string(reinterpret_cast<const char*>(rustRequest.body.data()), rustRequest.body.size()); // NOLINT(cppcoreguidelines-pro-type-reinterpret-cast)
   request.url = std::string(rustRequest.uri);
   for (const auto& [key, value] : rustRequest.vars) {
     request.getvars[std::string(key)] = std::string(value);
@@ -1062,8 +1065,10 @@ static void rustWrapper(const std::function<void(HttpRequest*, HttpResponse*)>&
   for (const auto& [key, value] : rustRequest.parameters) {
     request.parameters[std::string(key)] = std::string(value);
   }
-  request.d_slog = g_slog; // XXX
-  response.d_slog = g_slog; // XXX
+  // These two log objects are not used by the Rust code, as they take the logging object from the
+  // context, initalized from an argument to pdns::rust::web::rec::serveweb()
+  request.d_slog = g_slog;
+  response.d_slog = g_slog;
   try {
     func(&request, &response);
   }