It’s just data

RSS Best Practices

Brent, Phil, and Ben are discussing whether RSS feeds should have relative or absolute URLs in encoded HTML.  This has bothered me in the past, particularly when viewing Joel On Software's RSS feed through the lens of the Radio Aggregator.  His feed has a number of instances of <a href="news/...> and <IMG src="pictures/...">.  Is it valid RSS?  Absolutely!  Does it provide the greatest value to the widest possible audience?  Well, perhaps it could be improved a little.  And perhaps the aggregators can do better too.

There probably are a number of things which are quite legal RSS, but are less than neighborly.  For example, a <script> tag.  Or a <meta> tag.  Or an <embed> tag.  Or an <object> tag.  You get the picture.  What I would like to do is to have the greater community discuss this for a few days, and then Mark and I will implement it in the RSS validator.  As always, validation and compliance will be completely voluntary.  We will clearly separate errors from warnings.  In fact, we will provide an option to not see the warnings at all, if that is your preference.

Definitely a good direction for any good tool to evolve in: to reinforce the use of best practices! Consider defining and storing the criteria for the warnings outside of the code, i.e. in XML.

Posted by Dave Seidel at

Now that's ironic

A perfectly valid RSS item about RSS best practices takes three aggregators and two browsers to read.... [more]

Trackback from phil ringnalda dot com

at

The Next Logical Step for RSS.

It no secret that RSS 2.0 format contains many questionable design decisions that where developed with an even more questionable approach. Sam Ruby points out that "a number of things which are quite legal RSS, but are less than neighborly." He is calling for the community to discuss best practices that he and Mark Pilgrim will then implement as warnings in their RSS Validator service. I completely agree and resubmit my XSS profile and offer some additional tips. ... [more]

Trackback from tima thinking outloud.

at

creativeCommons RSS validation

I just committed code which validates the new creativeCommons rss module. What this entails is the following: Ensuring that the value of the license element is a fully qualified (i.e., non-relative) rfc2396 URI. Warning if the creativeCommons ... [more]

Trackback from Sam Ruby

at

http://philringnalda.com/wiki/RssBestPractices

Posted by Mark at

Reading, Random RSS links

I try catching up on reading of what’s happening in RSS World. Mark Pilgrim: How to consume RSS safely, Mark’s little prank showing RSS exploit and advice on 10 HTML tag stripping. Some background: RSS Validator ContainsScript, Minimize...

Excerpt from yowkee essential at

Sooner or later, intentionally malformed RSS feeds will show up on the net.

An RSS Security Checker tool is now available at
  RSS Reader Security Check

It currently checks and reports 10 commonly known exploits and is primarily intended to check vulnerabilities of RSS readers.

Posted by Ulrich Schwanitz at

Now that's ironic

A perfectly valid RSS item about RSS best practices takes three aggregators and two browsers to read....

Excerpt from phil ringnalda dot com: Now that's ironic: Comments at

Add your comment