{"id":281,"date":"2005-05-22T19:59:06","date_gmt":"2005-05-22T23:59:06","guid":{"rendered":""},"modified":"2006-05-22T11:12:36","modified_gmt":"2006-05-22T15:12:36","slug":"come_back_on_the_bloglines_security_flaw","status":"publish","type":"post","link":"https:\/\/fgiasson.com\/blog\/index.php\/2005\/05\/22\/come_back_on_the_bloglines_security_flaw\/","title":{"rendered":"Come back on the Bloglines&#8217; security flaw with secure feeds"},"content":{"rendered":"<p>Give to Cesar what belong to Cesar. Bloglines has reviewed the previous security flaw I found in their system in interaction with secure web feeds and fixed it.<\/p>\n<p>I was reviewing the posts that bloggers make on the subject and read all the comments on them. It leads me to check if the problem I found on Bloglines was always there. They fixed it.<\/p>\n<p>How have they fixed it? No they did not delete the HTTPS and HTTP Authentication handling feature of Bloglines. They simply make the URL feeds with HTTP Authentication private.<\/p>\n<p><center><br \/>\n<img decoding=\"async\" src=\"https:\/\/fgiasson.com\/blog\/media\/bloglinesfix.gif\" border=\"0\" alt=\"\" \/><br \/>\n<\/center><\/p>\n<p>We can&#8217;t change the status of such feeds; the system does not give us the possibility anymore. They are private and will remain private. It&#8217;s good news. As far as I know, there are no other problems with this feature in Bloglines.<\/p>\n<p>I would like to thank the Bloglines team for their positive answer to my security flaw discovery and for their fast service fix.<\/p>\n<p>Technoratie:   [<a href=\"http:\/\/technorati.com\/tag\/security\" rel=\"tag\" target=\"_blank\">security<\/a>] [<a href=\"http:\/\/technorati.com\/tag\/Bloglines\" rel=\"tag\" target=\"_blank\">Bloglines<\/a>] [<a href=\"http:\/\/technorati.com\/tag\/secure\" rel=\"tag\" target=\"_blank\">secure<\/a>] [<a href=\"http:\/\/technorati.com\/tag\/feed\" rel=\"tag\" target=\"_blank\">feed<\/a>] [<a href=\"http:\/\/technorati.com\/tag\/atom\" rel=\"tag\" target=\"_blank\">atom<\/a>] <\/p>\n","protected":false},"excerpt":{"rendered":"<p>Give to Cesar what belong to Cesar. Bloglines has reviewed the previous security flaw I found in their system in interaction with secure web feeds and fixed it. I was reviewing the posts that bloggers make on the subject and read all the comments on them. It leads me to check if the problem I [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[57,56],"tags":[],"class_list":["post-281","post","type-post","status-publish","format-standard","hentry","category-blogging","category-security"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/fgiasson.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/281","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fgiasson.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/fgiasson.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/fgiasson.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/fgiasson.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=281"}],"version-history":[{"count":0,"href":"https:\/\/fgiasson.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/281\/revisions"}],"wp:attachment":[{"href":"https:\/\/fgiasson.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=281"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/fgiasson.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=281"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/fgiasson.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=281"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}