December 15, 2006 in Feedback
The ability to have an RSS with https/SSL and/or password protection that uses the IPB database.
The problem is most feed readers don't support password authentication.And for https, the whole site has to go under https - if you do make this switch, the RSS will also go over https.
You could just set it on or off, if you use the board over ssl or not.
You don't do anything to use the board over SSL. Simply drop it into a Web Root, and have Apache (or IIS, or Lighttpd, or whatever) bind that site as an SSL site. No IPB configuration needed. So, I'm not sure why you want them to add an option to IPB that by it's very nature can't do anything about it.
Secure RSS would be great, as the feature is not usable for me at the moment.Just have the RSS link generated with a hash of the password. They'd need a new link whenever they changed their passwords, but it would work.
Well some form of security would be very useful when it comes to a public/internal site.
+1 on authenticated RSS. The readers and sites I use support it. Even so, as an option, that wouldn't constrain people who don't want to use it.
I have many hidden forums - an obvious example would be the administrators forum. If I were to enable RSS on that forum, any member could potentially read posts. If it checked my user account, and checked the permissions, then it would make the RSS feature usable.
We could go the google calendar's route and allow one to set up 'private' RSS feeds vai obfuscation.index.php?rssid=1&key=ej3e8j3e83jhj8ji3jerjfThis would allow the creator to know the key, but not anyone else.
We could go the google calendar's route and allow one to set up 'private' RSS feeds vai obfuscation.This would allow the creator to know the key, but not anyone else.
We could go the google calendar's route and allow one to set up 'private' RSS feeds vai obfuscation.
This would allow the creator to know the key, but not anyone else.
That's easy to say, but how would a feed reader check your user account? A feed reader isn't going to have access to your cookies, for example...
An idea I have is to create a random hash:
md5( uniqid( microtime() ) )
And save one for every member. That would be the "rss access key" that would automatically be appended to the end of the rss url. If the rss key is invalid or one isn't provided it would just assume it's a guest. If it is valid load up the forum permissions and apply them. Then in AdminCP you could reset an rss access key per member if you needed to.
Something that I've never seen in web forum software is support for public key encryption, for both posts and PMs. If you're going to encrypt RSS, how much harder would it be optionally encrypt everything? That would be awesome even as a paid addon.
This topic is now archived and is closed to further replies.
Started 31 minutes ago
Started November 17, 2022
Started February 21