RSS is pretty simple. In fact, RSS wears a big t-shirt that says, "Simple is my middle name." Publishers are adopting RSS all over the place and advertisers are trying to figure out how to reach this elusive and finicky audience of early adopters, but RSS is a pretty unfriendly medium for advertising compared to the regular Web or even spam (formerly known as "email").
Me? I love RSS. I couldn't keep up with the embarrassingly small percentage of WIN sites I read if I didn't have FeedDemon, but there are a few things I wish RSS and feed readers could do. Many solutions to RSS problems involve server-side scripting — like the HTTP Conditional GET, which spares Web servers some of the load of repeated requests for feeds that have not changed — but scripting can only do so much.
Clarification: one reader pointed out that Conditional GETs don't require scripting. That is correct, but basic Conditional GETs will still serve your entire 120K XML file even if only one item has been added. Combining Conditional GETs with a server-side script that returns only the new posts is the only way I'd ever want to do Conditional GETs so I consider this a "scripting" solution.
GrimJack
EZ Street
Jon Sable, Freelance
Comments (9)
Add a Comment Inappropriate or promotional comments may be removed.
Brian Alvey 2714 days ago
Re: authentication
Nick Bradbury (creator of FeedDemon, TopStyle and HomeSite) wrote me yesterday and told me that FeedDemon has supported basic HTTP authentication since version 1.0. It's currently on version 1.11.
The first time you attempt to load a password-protected feed, FeedDemon asks for your user and password information and stores it for future feed access.
Rajendra P 2616 days ago
Hello,
I am new to the Rss feed technology. This page is a wonderful resource for all of us. As you provide the link for "RSS with SSL, but not HTTP Auth". I also want to do same in my feed. Whats the step you follow to work the link rss feed to work properly. As when i try to add https url in the feeddemon i got the error message - "The newfeed url could not be auto-discovered. This site may not have a newsfeed, or it may not support auto-discovery of its newfeed."
F. Andy Seidl 2708 days ago
Secure RSS Requires a Permissions Model
It is great that some of the better newsreaders are doing HTTP authentication, but that's only part of the solution. It is also important that RSS *producers* are smart about generating RSS based on the credentials supplied with the request. For example, imagine a behind-the-firewall RSS feed for "HR Department News"--should an average worker and the CEO always get the exact same news items? Of course, the answer is 'no'. It quickly becomes unmanageable if you try to create different feeds for the CEO and everyone else, e.g., what about the CIO?, VP of HR? Director of M&A, etc., etc.
The only real solution is a knowledge server with an object-level permissions model that presents each channel--in whatever format, RSS, OPML, Atom, HTML, smart tags, search results, and so on--based on the credentials used in the request.
More about Secure RSS:
http://myst-technology.com/mysmartchannels/public/item/13011
Sam Walker 2714 days ago
Readers need to get A LOT smarter
I can't wait till Safari RSS comes out, because it looks like they're actually trying something new with RSS
Toolpi 2714 days ago
> If someone knows the URL, they can read your feed.
Why this? Add with WebServices / Authentication within ;)
Simple RSS-Feed without Web-Services:
https://www.anyurl.com/rss.php?uid=foo&pass=bar
or you can connect over sockets; the webserver where connect to, lookup ip-address from server where send request.
also, why not authentication? Switch minds, for authentication!
Toolpi
(Germanreader)
Al Willis 2715 days ago
Issues with RSS
Some of the issues raised in the article are really about the RSS specification and how it's not clear in some areas, including guid (from (http://www.xml.com/pub/a/2004/08/18/pilgrim.html):
The most recent version of RSS has an element called that attempts to solve this problem. However, there are several problems with it:
1. Older RSS versions don't have it, and even in the latest version, it's still optional. So very few feeds actually have it.
2. The RSS spec doesn't give clear guidance on how to make a unique identifier, or how unique it really needs to be, or why you would bother. So many publishers generate useless IDs.
3. It's difficult to compare them, because the data type of the element isn't stable. If a certain attribute is present and contains a certain value, then the element must be treated as a string. But in other cases, the element must be treated as a URL. As we'll see in a minute, these data types have different rules for equality, so comparing GUIDs is more difficult than it sounds.
Al Willis 2715 days ago
Authentication
Atom has authentication: http://www.xml.com/pub/a/2003/12/17/dive.html
-- Al
dale 2715 days ago
Good Read
Interesting read. I like RSS because there is no chance of spam, there are no ads. Just nice text. :) It's just great to be able to find out which sites have new posts in a few seconds.
RSS is a very cool thing.
Go XML!
Joel Goldstick 2715 days ago
authentication
I use rss for real estate agent to inform of new messages from website. What I do is leave the rss pretty empty - title only.. then link to page that is private