RSS Mystery Solved?

Secure RSS feeds have been a pain since the launch of Wufoo, but it appears that the issue may be solved. Many Diet Wild Cherry Pepsi’s and failed patches later, we were able to narrow down the problem to two areas: password encryption and [API]( “Wufoo API”) credentials. We pushed up a fix today and have tested it with previously broken accounts in previously broken feed readers, and everything appears to be working. If you use a feed reader that supports authentication (most major ones), go give your feed a try! So far the following have been tested:

– [NewsFire]( “Newsfire”)
– [Netvibes]( “Netvibes”)
– [Bloglines]( “Bloglines”)
– [Newsgator]( “Newsgator”)

The short version is that we weren’t accommodating for all password types, and we weren’t communicating the password information properly to the new API. For those of you who are technically inclined, the longer version is below. But for everyone, if you cannot see or subscribe to your feed, please let us know in the comments or by contacting support. We would like to get this ironed out for good.

###Password Encryption

The original problem with feeds was that some people could see them in the browser while others couldn’t. And then, if you could see it in the browser, you **could** subscribe to it in a feed reader. So half of the people had everything working 100%, and half had 0%. Well, it turns out that I was doing the password check completely wrong because of encryption. All of your passwords are stored in a safe, encrypted format that Chris programmed. When I was learning his code to do the authentication for feeds, I wasn’t escaping the encrypted password properly. With this fix up, everyone should be able to see a feed in their browser.

###API Credentials

The next problem was that even though people could see feeds in the browser, they could not subscribe to them with a feed reader. About a month ago, we switched RSS feeds so that they are powered by the API. In order to access data with the API, you need to either be logged in to your account, or provide a proper API key. Well, in testing, I always happened to be logged in. Either because my localhost only has one user, or because I logged in to access the feeds rather then typing the URL. Obviously (or not so obvious to me at the time), a feed reader can’t log in, and it doesn’t send an API key. So, the code needed to allow for people with proper credentials to access the API.

###Additional Access

We have also opened up access to the feeds for those of you without feed readers with built in authentication. You can now access your feeds directly by URL in the following format:

Note that the example above replaces the `@` in the first email with a `+`. So, if your email address is, you would type in that first section of the URL.

With those two problems fixed, things seem to be running smoother. We’re sorry it took so long to get this far, but we’re happy that progress is being made with them.


  • Hmm… I still seem to be having trouble getting my feeds to work with Bloglines. It say “No feeds were found”

    Posted November 9th, 2006 by Dave.
  • For Bloglines, you have to use the method mentioned in “Additional Access.” They don’t have built in authentication — at least as far as I could find. Let me know if that doesn’t work for you.

    Posted November 9th, 2006 by Ryan Campbell.

Add a Reply

You may use HTML for style.