Taking RSS security seriously
It is nice to see that
Aggie RC5
proactively strips all
script, object and meta tags from text before displaying it.
The RSS validator has always flagged script, meta, embed, and object tags. But the real fixes need to be in the aggregators. Kudos to Aggie.
RSS Security and Secure Syndication
Stories and articles about RSS and security.See AlsoPrivate RSS Feeds: Support for security in aggregators ...... way to produce secure RSS feeds, take a look at MySmartChannels (available as a free service at [link]). It...Excerpt from [DecisionCast] RSS Radar at
My HTML-to-plaintext aggregator laughs in the face of your scripting exploits.
This HTML thing, it'll never catch on.
Posted by Mark at