RSS not protected?

Page: 1

Homepage » Forum Index » activeCollab 0.7.1 / General discussion » RSS not protected?

suntrop on Aug 3. 2007. 8:59 am

Hi,

I've noticed that the RSS Feed isn't password protected so anybody on the web could actually see what is going on and what I have done. Maybe this is good for some reasons and customers can see the latest changes, but not for me and my company. Is there a chance to stop the RSS Feed or is it planned to protect this?

Thanks for your answer.

regards
- Sebastian -

Ilija Studen on Aug 3. 2007. 9:04 am

RSS is protected with a password based token that is used to authenticate user and serve only the data he or she can see.

To see what I am talking about try to access RSS feed without knowing that weird 40 letters long parameter in the URL.

activeCollab team member | LinkedIn

suntrop on Aug 7. 2007. 3:10 am

Ok, thanks for your answer. I didn't know that :-)

WhiskI on Aug 7. 2007. 5:55 am

The problem is maybe on the other side - checking RSS made me automaticaly logged and via web browser I don't need to login!
So as far as my RSS reader is running, anybody at my computer has my (admin) rights without need to login to AC :(
It's not a big problem, but I want to warn...
(sorry for anglisch :)

Ilija Studen on Aug 7. 2007. 5:58 am

Yeah, visit to RSS feed with a proper token will create a new session for you.

We fixed that problem in activeCollab 1.0. Logging in with token gives you access only for that request.

activeCollab team member | LinkedIn

Topic is locked. If you have something important to say about issues discussed on this page please write at hi@a51dev.com.

RSS Icon Recent posts in this topic

Homepage » Forum Index » activeCollab 0.7.1 / General discussion » RSS not protected?