Blog Post RSS ?

Blogs » Open Source » Securing an RSS Feed
« W3C seeks feedback on CSS3
PHPScript »
 

Securing an RSS Feed

by Blane Warrene

While Kevin has pointed out some important issues in regards to Greasemonkey - I found this new concept for securing an RSS feed an invaluable tip.

Joe Gregorio wanted a way to syndicate content for himself and appears to be onto a method. With some tweaking perhaps this could also be explored as a way to distribute paid content to a restricted audience…?

This entry was posted on Thursday, July 21st, 2005 at 8:11 pm, contains 63 words, and is filed under Open Source. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed. The views and opinions in this blog post are those of its author.

This post has 5 responses so far

  1. charmedlover Says:
    July 22nd, 2005 at 7:42 am

    Very interesting, I figured that it would eventually happen. Paid RSS feeds were a sure-thing once it goes commercial.

     
  2. dschultz Says:
    July 22nd, 2005 at 1:20 pm

    Very timely blog - just yesterday i spent a couple hours searching on google for a way to create a password protect my RSS feed. If you have your username / passwords in MySQL, i *THINK* (haven’t full tested this yet) you can just use the PHP variable:
    $_SERVER[’PHP_AUTH_USER’];
    Using the header function i think you can make this work:

    if (!isset($_SERVER[’PHP_AUTH_USER’])) {
    //prompt for username / password
    } else {
    //check PW with MySQL, if successful spit out the RSS feed.
    }
    Hope that helps!

     
  3. Icheb Says:
    July 23rd, 2005 at 4:15 pm

    $_SERVER[’PHP_AUTH_USER’] is used for htaccess authentication. Do RSS readers support that in the first place?

     
  4. Darren884 Says:
    July 24th, 2005 at 4:03 pm

    Pretty cool. Couldn’t you use an easier way by just using a get method of username and password retrieval on the url you were going to parse?

     
  5. Charlie Wood Says:
    August 25th, 2005 at 10:41 pm

    Yes, most RSS readers support Basic HTTP Auth, which when used with SSL makes for a secure feed. I thought Bloglines did, but there was some issue with their requiring you to put you username:password directly in the feed URL, which is obviously a Bad Thing. Anyway, Basic Auth + SSL (so passwords aren’t sent in the clear) is the way to go.

    Cheers,
    charlie

    http://spanningpartners.com

     

Sponsored Links

Leave a response

You are not logged in, log in with your SitePoint Forum username and password.

-OR- Post Anonymously

* Make sure any code samples are escaped (i.e. ‘<b>’ becomes ‘&lt;b&gt;’).

If not logged in, your comments will be placed in a moderation queue. This means your comment may not appear until one of our moderators approves it.

Your Blogmaster is...

Blane Warrene

Blane Warrene

Blane is a writer and researcher focusing on Apple and Open Source technologies. Prior to this, he helped found a commercial software and consulting venture, and worked in the financial services sector as a director of technology and in varying technical roles. Blane maintains Open Sourcery: SitePoint's Open Source Blog.

Subscribe

SitePoint Newsletters

Get all the latest tips by signing up to all of SitePoint’s informative newsletters.

HTML   Plain

SitePoint Blogs

SitePoint Marketplace

Buy, Sell, Trade

Buy and sell Websites, templates, domain names, hosting, graphics and more.

Posting Code Snippets

Feel free to enter code snippets into your comments in the following format.

Marking Up Your Code
<pre>
<code class='html'> 
code snippet 
</code>
</pre>

Be sure to escape any HTML snippets (i.e. '<' becomes '&lt;' ).

Supported language classes include:

  • XML, HTML, XSLT and any other XML style code
  • CSS
  • C#
  • VB & VB.NET
  • Delphi, Pascal
  • JavaScript
  • PHP
  • Python
  • SQL