Hi all, For the last five years, I've been syndicating my Picasa photo feed on my site (http://eschnou.com). I've been doing so using the Picasaweb API, fetching the content at this url, as per the API 2.0 documentation:
https://picasaweb.google.com/data/feed/api/user/userID?kind=photo&max-results=10 This morning I woke up and discovered 250+ pictures of random people polluting my blog. I immediately thought I was hacked or something like that, but the issue sees in fact in the API: it returns random user pictures when I fetch my latest pictures. I've tried with both my picasaweb userid and my Google+ id, and the effect is the same. Note that when I'm logged in it works fine. I've also noticed that some pictures seems to be private. Which would mean that Picasa is currently leaking private pictures of random user. To me it looks pretty bad and require an urgent fix. As an example, have a look at Larry Page photostream... (you have to be logged out from Google to witness the weird behaviour): https://picasaweb.google.com/data/feed/api/user/LarryPage/?kind=photo&max-results=10 ^^ easier to view in Firefox which parse and display nicely the rss output. Best, Laurent -- You received this message because you are subscribed to the Google Groups "Google Picasa Web Albums API" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/google-picasa-data-api. For more options, visit https://groups.google.com/groups/opt_out.
