Auto-discover RSS feed that does not exist - App HACKED?
Browsing web news without a browser
Brought to you by:
carnage4life,
t_rendelmann
When browsing to the website: http://news.walla.co.il
An RSS feed is detected:
http://www.overpopulation.com/RSS/overpopulation.rss?
limit=10&subject=&body=&label=0000004&postedBy=brian
@carnell.com&sortKey=Date&sortDir=des
This link does not really exist, and is detected as the
actual page title.
I believe that this is some kind of a hack/bug that
someone planted into the code for some reason?!
Screenshot attached.
Screenshot of bug
Logged In: YES
user_id=714452
I investigated the code used to scan the HTML content. In a
failure case (invalid state on transform teh html to xml
through SgmlReader component) we fallback to get feeds
that mentioned the browsed Url in a post from syndic8.com.
As I think we should not do that for html content scan. Good
catch! Thank you for the report. I fixed that in CVS now.
Logged In: YES
user_id=550140
Fixed this in the Wolverine code base.