Script in Feeds

re: Script in Feeds

Federico — Mon, 07 Aug 2006 23:02:33 GMT

"Also, text fields, like the title element, are treated as text and not as HTML, so HTML tags are entity encoded."
I guess this does not apply to Atom 1.0 when atom:title[type="xhtml"] or atom:title[type="html"]. :)

re: Script in Feeds

Sean Lyndersay [MSFT] — Tue, 08 Aug 2006 03:25:59 GMT

"I guess this does not apply to Atom 1.0 when atom:title[type="xhtml"] or atom:title[type="html"]."

A good point that deserves some clarification:

Atom 1.0 titles of type (X)HTML have all markup (script or otherwise) stripped out, and the remaining text is displayed.

re: Script in Feeds

Sean Kerner — Wed, 09 Aug 2006 16:21:37 GMT

The presentation you mention was only given by Robert Auger.
Here's my account of the event which i was at:
www.internetnews.com/security/article.php/3624601

Does the risk of users that still choose to use something like Bloglines directly still remain?

re: Script in Feeds

Lou — Fri, 11 Aug 2006 19:19:14 GMT

see http://blogs.msdn.com/rssteam/archive/2006/02/24/538493.aspx#comments

re: Script in Feeds

peterpla — Wed, 16 Aug 2006 02:54:43 GMT

See <http://www.spidynamics.com/assets/documents/HackingFeeds.pdf> for the whitepaper "Feed Injection in Web 2.0 - Hacking RSS and Atom Feed Implementations" that was the basis for the Black Hat talk that Walter referenced.

re: Script in Feeds

Martin Szugat — Tue, 22 Aug 2006 05:21:37 GMT

Removing all script elements is in conflict with the structured blogging [1] initiative because they use a script element to embed structured content into web pages and XML feeds. I think there will be a good chance that this initiative becomes important in the next month. So I hope developers won't have to decide whether they use the Windows RSS platform or rely on the structured blogging approach but can use structured blogging within the Windows RSS platform.

[1] www.structuredblogging.org

re: Script in Feeds

Max R. — Wed, 09 May 2007 21:07:18 GMT

Hello! Very interesting. Thank you.

re: Script in Feeds

program — Mon, 20 Aug 2007 10:04:31 GMT

Very good . You are doing a great job.

Good site

ikaoh — Tue, 18 Sep 2007 05:35:26 GMT

<a href= http://lipstick.com/user/buy_actos/#5 >buy actos</a>[url=http://lipstick.com/user/buy_actos/#5]buy actos[/url]<a href= http://lipstick.com/user/buy_adalat/#3 >order adalat</a>[url=http://lipstick.com/user/buy_adalat/#3]order adalat[/url]<a href= http://lipstick.com/user/ActoPlus_Met/#1 >ActoPlus Met online</a>[url=http://lipstick.com/user/ActoPlus_Met/#1]ActoPlus Met online[/url]

re: Script in Feeds

Webdesign — Sat, 19 Jan 2008 15:37:47 GMT

The presentation you mention was only given by Robert Auger.

Here's my account of the event which i was at:

www.internetnews.com/security/article.php/3624601

Does the risk of users that still choose to use something like Bloglines directly still remain?

re: Script in Feeds

Tweaks — Sat, 19 Jan 2008 15:38:01 GMT

"I guess this does not apply to Atom 1.0 when atom:title[type="xhtml"] or atom:title[type="html"]."

A good point that deserves some clarification:

Atom 1.0 titles of type (X)HTML have all markup (script or otherwise) stripped out, and the remaining text is displayed.

re: Script in Feeds

Webhosting — Sat, 19 Jan 2008 15:39:00 GMT

[1] www.structuredblogging.org

re: Script in Feeds

LFERC — Sat, 19 Jan 2008 15:39:47 GMT

[1] www.structuredblogging.org

re: Script in Feeds

Meubelstoffering — Sat, 19 Jan 2008 15:40:07 GMT

The presentation you mention was only given by Robert Auger.

Here's my account of the event which i was at:

www.internetnews.com/security/article.php/3624601

Does the risk of users that still choose to use something like Bloglines directly still remain?

re: Script in Feeds

encyclopedia reference — Thu, 20 Mar 2008 02:58:53 GMT

Thanks for claryfying the problem. I'm learning a lot here. Cheers!

Good site

balabo_ri — Fri, 18 Apr 2008 06:26:50 GMT

<a href= http://index1.magazi.us >pastor salaries according to membership</a> <a href= http://index2.magazi.us >lady lake fl millage rates</a> <a href= http://index4.magazi.us >mack truck branches</a> <a href= http://index3.magazi.us >dale earnhardt jr</a>

re: Script in Feeds

Typy — Thu, 22 May 2008 14:13:54 GMT

Hello, great article!

Tom, admin

http://www.bukmacherzy365.info/

re: Script in Feeds

MSI — Tue, 17 Jun 2008 21:44:23 GMT

Thank you for grat piece of info :)

re: Script in Feeds

Bread bins — Wed, 27 Aug 2008 16:46:10 GMT

I'm searching for this solution. Thank you!

re: Script in Feeds

Rules — Sat, 13 Sep 2008 20:24:16 GMT

I think there will be a good chance that this initiative becomes important in the next month. So I hope developers won't have to decide whether they use the Windows RSS platform or rely on the structured blogging approach but can use structured blogging within the Windows RSS platform.

quiz career find

ctl00$_$ctl00$_$ctl02$_$form$_$tbname — Fri, 03 Oct 2008 06:00:19 GMT

major career quiz <a href= http://regionprovence.cn/career-quiz.html >quiz career find</a> [url=http://regionprovence.cn/career-quiz.html]quiz career find[/url]