The current rss.js code always embeds non-SSL (http:) links in the feed data. This is not a good thing because in typical acralyzer installations, access to the bug reports requires transmitting the CouchDB administrator login/password over the wire. Also, crash reports may contain sensitive user data.
I experimented with adding SSL autodetection to rss.js, but encountered the following limitations:
The Netscape RSS 0.91 spec discourages (if not disallows) protocols other than http: and ftp:.
RSS does not support relative URLs at all.
CouchDB does not seem to give us an indication of whether SSL was used to access the current document, so we would have to "guess" (or maybe put it in a configuration file somewhere).
All three problems can be addressed by using Atom instead, and specifying relative URLs in the feed. So I am submitting atom.js, accessed via https://HOST/acra-PROJECT/_design/acra-storage/_list/atom/recent-items?descending=true. i.e. just replace "rss" with "atom" in the URL.
The output from this code passes the w3c.org feed validator. There is one non-fatal warning regarding the use of relative URLs in the "self" link, which is allowed but discouraged.
atom.js incorporates @halkeye's pending fixes from bug #10.
See here for background discussion on the CouchDB list; there are additional posts in the thread.
The current rss.js code always embeds non-SSL (http:) links in the feed data. This is not a good thing because in typical acralyzer installations, access to the bug reports requires transmitting the CouchDB administrator login/password over the wire. Also, crash reports may contain sensitive user data.
I experimented with adding SSL autodetection to rss.js, but encountered the following limitations:
All three problems can be addressed by using Atom instead, and specifying relative URLs in the feed. So I am submitting atom.js, accessed via
https://HOST/acra-PROJECT/_design/acra-storage/_list/atom/recent-items?descending=true
. i.e. just replace "rss" with "atom" in the URL.The output from this code passes the w3c.org feed validator. There is one non-fatal warning regarding the use of relative URLs in the "self" link, which is allowed but discouraged.
atom.js incorporates @halkeye's pending fixes from bug #10.
See here for background discussion on the CouchDB list; there are additional posts in the thread.