On Fri, 14 Jan 2005 15:52:58 -0500, Robert Sayre [EMAIL PROTECTED] wrote:
Danny Ayers wrote:
Thing is, with the spec as it currently stands, we don't have a link
from the feed that can be guarenteed to point to the feed URI itself.
That's not a very robust way to accomplish the goal.
On Jan 15, 2005, at 1:05 AM, Danny Ayers wrote:
Seems to me like making a source-URI reference a SHOULD would help
solve an immediate problem, irrespective of the hypothetical problem
of copying.
I see no downside. There are going to be scenarios where it's not
reliable, but there are going to
On Sat, 15 Jan 2005 08:37:47 -0800, Tim Bray [EMAIL PROTECTED] wrote:
On Jan 15, 2005, at 1:05 AM, Danny Ayers wrote:
Seems to me like making a source-URI reference a SHOULD would help
solve an immediate problem, irrespective of the hypothetical problem
of copying.
I see no downside.
On Sat, 15 Jan 2005 15:15:46 -0500, Robert Sayre [EMAIL PROTECTED] wrote:
No, this is already possible with RSS 1.0.
Really? How is it done?
My apologies, the RSS 1.0 spec actually says the rss:channel resource is
...either the URL of the homepage being described or a URL where the
RSS
On 15 Jan 2005, at 8:28 pm, David Powell wrote:
11.1 Verifying the Authenticity of Self Links
Can someone explain the attack model here? The worst that I can see
happening is that when you try to subscribe to my feed, you end up
subscribed to someone else's. How does this harm anyone but me?
I was just in the middle of putting the world to rights regarding feed
discovery/subscription from browsers [1] when something occurred to
me. Correct me if I'm wrong, but isn't one of the solutions for this
to serve the feed with the Atom mime type, which will trigger an
appropriate handler in
Danny Ayers wrote:
Thing is, with the spec as it currently stands, we don't have a link
from the feed that can be guarenteed to point to the feed URI itself.
That's not a very robust way to accomplish the goal. People tend to use
cp without thinking about these things. The browser vendors will
Hmmm. Not looking at the spec, but at the feeds we're currently
producting for AOL Journals, our feeds have link rel=service.feed
... essentially pointing to themselves, which I yesterday thought was
redundant but perhaps is actually useful. Useful enough to be
mandatory, perhaps?
-John
Danny
On 15/1/05 7:37 AM, Danny Ayers [EMAIL PROTECTED] wrote:
If I remember correctly from previous discussions, there is a little
snag with most browsers only passing the data, not the source URI.
Thing is, with the spec as it currently stands, we don't have a link
from the feed that can be
