The RSS Blog

News and commentary from the RSS and OPML community.

Fri, 08 Oct 2004 18:42:02 GMT

Don't Follow the Script

Rogers Cadenhead: An aggregator that doesn't strip out script and other dangerous tags is a security exploit waiting to happen.

Randy: Let me wildly disagree. It doesn't matter what you do, somebody will always find an exploit. Javascript is generally safe. If the aggregator fails because of the javascript, then it's not a good aggregator. MHO. A great aggregator can display HTML w/ embedded Javascript, w/out a worry.

Link

Reader Comments

Top 10 Most-Visited Articles

Understanding TTL

Polling RSS

Multiple Enclosures, Part II

Enclosures and Media RSS Funkiness

DTD for RSS 0.9 and 0.91

Folksologies: De-Idealizing Ontologies

OPML Manager

XSS Test Cases in OPML

State of Blogosphere Search, Part II

Is Atom Dead?

Last update: Friday, July 07, 2023 at 6:09 PM Eastern.

LinkLand

Randy Charles Morin

RSS Board

How to Read an RSS Feed with Java Using XOM

The RSS Advisory Board Just Turned 20

Downloading 50,000 Podcast Feeds to Analyze Their RSS

Tara Calishain Explains: What is RSS?

Be Unique And Use RSS Guid Like Everybody Else

Line drawing of cowboy on horse

This blog has been published since July 1, 2004 (a span of 7,239 days).