[pmwiki-users] How to password protect an rss feed

Patrick R. Michaud pmichaud at pobox.com
Tue Apr 8 08:15:42 CDT 2008

On Mon, Apr 07, 2008 at 03:48:51PM -0500, Randy wrote:
>    I'd like to have an rss feed that is password protected. I realize that
>    the password will be recorded in Apache's access logs and will travel the
>    internet in the clear, but at least it offers some security.
>    According to http://www.pmwiki.org/wiki/PmWiki/WebFeeds:
>    Lastly, it's also possible to configure the webfeeds to obtain the
>    authentication information from the url directly, as in:
>      .../Site/AllRecentChanges?action=rss&authpw=secret
>  I tried setting a password on a page that I can read with a feed reader 
> when the page has no password. I then appended "&authpw=mypassword" to my 
> normal rss URL. My feed reader failed to pick up the feed. Is there 
> some other trick involved to get this to work?

Yes, you probably also want

    if ($action=='rss' && @$_GET['authpw'] && !@$_POST['authpw'])
      $_POST['authpw'] = $_GET['authpw'];

I should probably make this into an $Enable... option somehow.


More information about the pmwiki-users mailing list