Start a new topic

RSS Improvements

I am a heavy RSS user, and for years I've consumed Tumblr primarily through RSS. I'm thrilled that cohost has non-experimental RSS feeds now, but I think there are a few changes that could make them much better:

  • Shares are too transparent. Currently if a user transparently shares a post, the RSS feed will link to the original post rather than a view of the transparent share. This has two downsides: if I reshare the post it doesn't give credit to the friend I saw it from; and more importantly, I can't see my friend's tags. Tags are an important channel for small followers-only in-jokes and conversation, and missing that in the RSS view makes it much less useful than it could be.
  • Show me the tags. Related to the above, tags should be visible in the feed itself rather than requiring me to click through.
  • Show me the context. Reshares (transparent or not) only include the contents of the immediate post in the feed. This means that reading the feed on its own is largely useless, because you're missing half the conversation. Even posts that aren't reshares could be and the only way to check is to click through.
  • Account-specific feeds. If I'm logged in, I should be able to access an RSS feed that includes a token that identifies me as the reader and applies my own filters and blocks to the feed. I have some filters applied that are so crucial to my mental wellbeing that I will simply not follow someone's RSS feed if the alternative is seeing stuff that would get filtered out on the website.
  • Private page feeds. This is the only suggestion I'm not totally confident in. On one hand, the pages I most want to make sure I see everything from are my friends' private pages. On the other, the best way to make this work is to generate a feed that's locked to my account but could in principle be shared with anyone. Whether this is an actual security risk or not is debatable—after all, I could always screenshot their private posts instead—but it's certainly a PR risk if nothing else. There may be a better solution to this underlying problem than RSS.

5 people like this idea
1 Comment

I think account-specific and private feeds would both need authentication. My reasoning is that:

  • for the former, if anyone could access your account-specific feed, they'd possibly be able to derive information like who you have blocked, which seems like a privacy anti-feature.
  • for the latter, as you mentioned, if the url is not authenticated, then the private pages are no longer private. Contrary to your second point, there's a significant difference between a bad actor's ability to (manually or with software) send screenshots or otherwise proxy content to other folks (e.g. people the poster has blocked), versus the ability to just obtain and send a url to a live feed of that user's content.
My understanding of security in networking is limited, but I'm thinking something like a 3-way handshake between the feed aggregator and the feed source, requiring the user to log in as their cohost account, should be sufficient. That way, in order to share a private feed, the hypothetical bad user would need to also share their account credentials with the inauthentic readers of the feed; and if they're willing to do that, then the RSS feed doesn't really give them any additional power.
Login or Signup to post a comment