RSS not protected?

Page: 1

Homepage » Forum Index » activeCollab 0.7.1 / General discussion » RSS not protected?

suntrop on Aug 3. 2007. 8:59 am

Hi,

I've noticed that the RSS Feed isn't password protected so anybody on the web could actually see what is going on and what I have done. Maybe this is good for some reasons and customers can see the latest changes, but not for me and my company. Is there a chance to stop the RSS Feed or is it planned to protect this?

Thanks for your answer.

regards
- Sebastian -

Staff

Ilija Studen on Aug 3. 2007. 9:04 am

RSS is protected with a password based token that is used to authenticate user and serve only the data he or she can see.

To see what I am talking about try to access RSS feed without knowing that weird 40 letters long parameter in the URL.

activeCollab Team Member

suntrop on Aug 7. 2007. 3:10 am

Ok, thanks for your answer. I didn't know that :-)

Pro

WhiskI on Aug 7. 2007. 5:55 am

The problem is maybe on the other side - checking RSS made me automaticaly logged and via web browser I don't need to login!
So as far as my RSS reader is running, anybody at my computer has my (admin) rights without need to login to AC :(
It's not a big problem, but I want to warn...
(sorry for anglisch :)

Staff

Ilija Studen on Aug 7. 2007. 5:58 am

Yeah, visit to RSS feed with a proper token will create a new session for you.

We fixed that problem in activeCollab 1.0. Logging in with token gives you access only for that request.

activeCollab Team Member

Topic is locked. If you have something important to say about issues discussed on this page please write at hi@a51dev.com.

RSS Icon Recent posts in this topic

Homepage » Forum Index » activeCollab 0.7.1 / General discussion » RSS not protected?