Republish a feed (or other data) protected by HTTP basic access authentication
Sunday, January 20th, 2008Some services let you access or download data on a url that is protected by username and password-popup, or “basic access authentication“, for example your twitter replies at http://twitter.com/statuses/replies.rss …:
… or your bloglines subscriptions in opml format at http://rpc.bloglines.com/listsubs :
PHP script to access authenticated URL
With the following simple php script you can access those files and make them available without authentication:
download Authentication Script zipped together with Snoopy Class file.
Unzip and configure the file/page to fetch (e.g. http://twitter.com/statuses/replies.rss for Twitter) and your username and password:
// Configuration! Change values here,
// leave rest of script untouched.
$url_to_be_fetched = "http://someserver/somepage/";
$username_to_be_sent = "your_user_name";
$password_to_be_sent = "your_password";
Upload it to a directory on your (php-capable) webserver together with the (included in the zip file) Snoopy PHP class file.
Use Cases
- Bloglines allows you to publish (part of) your subscriptions (example http://www.bloglines.com/public/PascalVanHecke - see your Blogroll settings), and have your opml downloaded (example: http://www.bloglines.com/export?id=PascalVanHecke) but this means feedpublishers see your username as well. You can use the script to give other people or applications access to your opml without having to give them your username/pswd.
- Twitter replies and all other feeds requiring authentication
Keeping Private Feeds private
In case of personalised RSS feeds, most services do not protect the feed with authentication, but provide the user with a freely accessible feed at a “secret url”. As soon as you use that feed in Web-based feed readers (Bloglines, Google Reader…) chances are other users will stumble on them when searching.
Which is why Bloglines introduced an <access:restriction> element:
<access:restriction relationship="deny" />
If a feed contains this element, it won’t show up in searches within Bloglines. Which is why I’ve included the restriction by default in the feed, although you can switch it off by setting the $feed_preferably_private to false:
// in case you use this to be able to read an authenticated feed
// via Bloglines, you probably do not want it to show up in search
// results
$feed_preferably_private = true;
// end configuration
Support for access:restriction element
I haven’t found any mentions of Google Reader supporting it as well, but I have a feed in Google reader with this restriction for more than a month now, and it doesn’t show in the results when I search for it (using a different account). Some people have pointed out though that Google does allow you to share these “protected feeds” via Google Shared Items or Feedburner.
From the services with “personalised/secret feeds” I am using, Facebook supports it, most others like Google Reader Shared Items, the del.icio.us “for” feed and Wakoopa alerts don’t.
Feel free to leave your comments!