[pmwiki-users] Issue with RSS feeds on password-protected pages

Randy randy at brownragfilms.com
Tue Jan 15 14:15:28 CST 2008


As far as I can tell the rss password is useless unless you first have  
read access. I invite anyone who knows how to get an rss feed without  
first having read access to tell how to do it.

If you are concerned about people reading the page, you can start the  
page with (:if false:) and put the following in your config.php:

## Limit source and diff viewing to editors
$HandleAuth['source'] ='edit';
$HandleAuth['diff'] ='edit';

I think that will keep the page fairly confidential, even though  
everyone has read access.

Good luck.

Randy

On Jan 15, 2008, at 1:41 PM, Benoit Dutilleul wrote:

> Hello Randy,
>
> Thanks to your message. Indeed, immediately after your first  
> message, I set the page read attribute to @nopass and make it work.
> Yet, I would appreciate to know if there is a way to authorize only  
> RSS feeds and no browsing of the page or "secured" RSS with a  
> password.
>
> Let me know if you have any idea. Kind regards,
>
> Benoit
>
>



More information about the pmwiki-users mailing list