alpine Posted December 15, 2006 Share Posted December 15, 2006 The ability to have an RSS with https/SSL and/or password protection that uses the IPB database. Link to comment Share on other sites More sharing options...
bfarber Posted December 15, 2006 Share Posted December 15, 2006 The problem is most feed readers don't support password authentication.And for https, the whole site has to go under https - if you do make this switch, the RSS will also go over https. Link to comment Share on other sites More sharing options...
Insideout Posted December 15, 2006 Share Posted December 15, 2006 You could just set it on or off, if you use the board over ssl or not. Link to comment Share on other sites More sharing options...
Mat Barrie Posted December 15, 2006 Share Posted December 15, 2006 You don't do anything to use the board over SSL. Simply drop it into a Web Root, and have Apache (or IIS, or Lighttpd, or whatever) bind that site as an SSL site. No IPB configuration needed. So, I'm not sure why you want them to add an option to IPB that by it's very nature can't do anything about it. Link to comment Share on other sites More sharing options...
DyCyn Posted December 15, 2006 Share Posted December 15, 2006 Secure RSS would be great, as the feature is not usable for me at the moment.Just have the RSS link generated with a hash of the password. They'd need a new link whenever they changed their passwords, but it would work. Link to comment Share on other sites More sharing options...
alpine Posted December 18, 2006 Share Posted December 18, 2006 Well some form of security would be very useful when it comes to a public/internal site. Link to comment Share on other sites More sharing options...
Arts&Faith Posted December 18, 2006 Share Posted December 18, 2006 +1 on authenticated RSS. The readers and sites I use support it. Even so, as an option, that wouldn't constrain people who don't want to use it. Link to comment Share on other sites More sharing options...
DyCyn Posted December 20, 2006 Share Posted December 20, 2006 I have many hidden forums - an obvious example would be the administrators forum. If I were to enable RSS on that forum, any member could potentially read posts. If it checked my user account, and checked the permissions, then it would make the RSS feature usable. Link to comment Share on other sites More sharing options...
bfarber Posted December 20, 2006 Share Posted December 20, 2006 I have many hidden forums - an obvious example would be the administrators forum. If I were to enable RSS on that forum, any member could potentially read posts. If it checked my user account, and checked the permissions, then it would make the RSS feature usable. That's easy to say, but how would a feed reader check your user account? A feed reader isn't going to have access to your cookies, for example... Link to comment Share on other sites More sharing options...
Management Matt Posted December 20, 2006 Management Share Posted December 20, 2006 We could go the google calendar's route and allow one to set up 'private' RSS feeds vai obfuscation.index.php?rssid=1&key=ej3e8j3e83jhj8ji3jerjfThis would allow the creator to know the key, but not anyone else. Link to comment Share on other sites More sharing options...
stobbo Posted December 20, 2006 Share Posted December 20, 2006 We could go the google calendar's route and allow one to set up 'private' RSS feeds vai obfuscation.This would allow the creator to know the key, but not anyone else.I think that would be best, more secure, and more cross compatible :) Link to comment Share on other sites More sharing options...
DyCyn Posted December 20, 2006 Share Posted December 20, 2006 That's easy to say, but how would a feed reader check your user account? A feed reader isn't going to have access to your cookies, for example...Yep, as I posted earlier (and as Matt has pointed out), a link with some sort of password hash or key would work. I forgot that Google calendar does it as well - activeCollab, a project management system, also uses this method.I had used a similar method with 2.1 and IPBSDK to produce secure feeds. Would be great if it became a feature though :). Link to comment Share on other sites More sharing options...
Luke Posted December 20, 2006 Share Posted December 20, 2006 An idea I have is to create a random hash:md5( uniqid( microtime() ) )And save one for every member. That would be the "rss access key" that would automatically be appended to the end of the rss url. If the rss key is invalid or one isn't provided it would just assume it's a guest. If it is valid load up the forum permissions and apply them. Then in AdminCP you could reset an rss access key per member if you needed to. Link to comment Share on other sites More sharing options...
VelvetElvis Posted December 21, 2006 Share Posted December 21, 2006 Something that I've never seen in web forum software is support for public key encryption, for both posts and PMs. If you're going to encrypt RSS, how much harder would it be optionally encrypt everything? That would be awesome even as a paid addon. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.