[pmwiki-users] RSS feeds and passwords

Jon Haupt jhaupt at gmail.com
Mon Nov 12 11:47:18 CST 2007


On Nov 12, 2007 11:10 AM, Patrick R. Michaud <pmichaud at pobox.com> wrote:
>
>
> It depends on what you mean by "encrypted password".  No matter
> the form of the password (encrypted or cleartext), anyone who is
> able to obtain the authpw= parameter of the url would be able to use
> that value to access the RSS feed.
>
> It is possible, however, to set up RSS-only passwords -- i.e.,
> passwords that provide access to the RSS feed(s) but not to
> anything else.
>
> Pm
>
Yeah, but they wouldn't have the actual password, so they wouldn't be
able to use the encrypted value for anything but the RSS, right?  I
mean, you couldn't then use the encrypted value to edit a page, for
example.

The nice thing about this approach is that the password may have read
access to some (but not all) pages, simply through the usual way.  If
you create a RSS-only password, how would you ensure that someone with
this password only had access to x page and not y or z?  You'd have to
specify this somehow, and that seems like it'd be duplicating
work--unless there was a way to tie it to another (read) password.

Jon Haupt



More information about the pmwiki-users mailing list