rss feed creation tool
logo
FeedForAll RSS Feed Creation Site Map Contact FeedForAll
Welcome!

What Security Issues Does RSS Raise?

I have recently read about security problems that relate to RSS. Can you please explain what these issues are?

RSS can deliver any type of content. That means that publishers can include executables or documents in the enclosure field of their feed. It is possible for these types of files to contain viruses or other types of unwanted programs. Many developers of RSS readers take precautions to ensure that if a feed contains a suspicious file type the program "warns" the person viewing the feed before downloading the enclosure. Additional details of how this is managed can be viewed in the RSS Security Article.

The other security concern that recently raised concerns, related to potential exploits in online RSS aggregators. Because RSS feeds can contain HTML which includes scripting languages like javascript, exploits could potentially occur if an 'infected' RSS feed is viewed. Many aggregator developers are taking precautions to protect their infrastructure from exploits in any RSS feeds. For example: the recent release of rss2html.php can optionally allow webmasters to remove javascript from within any feeds before they are displayed.

Something else to keep in mind regarding security is that, users 'opt' in to RSS feeds. Users are generally going to only select feeds that are trustworthy.

- RSS Knowledgebase Feed


more questions and answers


send questions to webmaster (at) feedforall.com