inoreader

Moving old feeds to HTTPS

Recommended Posts

Have you considered automatically replacing http: with https://  in the URLs of feeds from Youtube and other sites that were added to the system before https:// was enforced? Feeds for Youtube channels are added as http:// even for new users who have just added them. Maybe this would improve your server load a little since this must result in thousands of redirections every day when Inoreader checks for updates.

Example:  https://www.inoreader.com/subscription/47627020

Two other domains that have implemented https URLs were Podomatic and Blogger/Blogspot. It'd be nice to convert all old feeds to their secure version automatically because it's possible to add both of them accidently if you forget you already have added the old URL. Examples:

Untitled-1.png.ab94e1975125169a4a2c3db15539aa64.png

Untitled-2.png.89ed97ff75eb6675e7ca69568bd0faa8.png

 

 

Share this post


Link to post
Share on other sites

I suppose you are aware that we are using the feeds URLs for their uniqueness and changing them manually may cause many further issues to our system. That's why manually editing feeds URLs isn’t available.

We'll consider what can be done about cases like you describe but we can’t promise anything about similar implementation.

Share this post


Link to post
Share on other sites

I also support this change, if not for the sake of avoiding redirects & duplicating feeds but for users' security.

With much of the web moving to encryption-by-default conncting to insecure http first leaves the content open to modification and snooping by anyone upstream. 

Beside the obvious like Wordpress.com blogs and the Google-owned Youtube, Blogger, Feedburner, etc. also consider converting sites in Chrome's HSTS preload list: https://cs.chromium.org/chromium/src/net/http/transport_security_state_static.json 

Since the sites in that list have explicitly opted in to be https by default there shouldn't be any issues. 

Expanding on that: any site with the HSTS HTTP header encoutered by Inoreader's crawler. 

Thank you!

Share this post


Link to post
Share on other sites
On 7/20/2017 at 9:34 AM, wesson said:

I suppose you are aware that we are using the feeds URLs for their uniqueness and changing them manually may cause many further issues to our system. That's why manually editing feeds URLs isn’t available.

We'll consider what can be done about cases like you describe but we can’t promise anything about similar implementation.

I would like to have the option to manually edit my feeds, because I've got around many subscriptions that I would like to change to https where available and changing on at a time isn't an option or even importing because there are folders, rules and filters assigned to them

Share this post


Link to post
Share on other sites

Indeed, it would deeply useful if you could massively chanhe feeds URLs when a whole platform changes its feeds from http to https

It could be also a good idea (but I'm aware it could be ressource consuming on your side) that your automatic detection of faulty feeds could diagnose the reason (http/https) and permit the user te resolve it, at least with a dropdown menu

- http://

- https://

 without allowing us to edit the feed. 

A batch feature would be even better. 

With a checking feature, wich would diagnose if the new feed address is correct  

But I must confess, I would prefer a full editable address. I sometimes have too delete one feed and subscribe tonthe new feed's address, leading tonthe loss of feed's archive  

 

Share this post


Link to post
Share on other sites

Feed URLs will never be user editable. No cloud based RSS reader will allow this, so please stop asking for it. Sorry if I'm being harsh, but I really want to make this perfectly clear.

We are already using the official HSTS list to migrate feeds to https. For feeds that redirect from http to https, there shouldn't be an issue crawling them for the moment. Their articles should point to https too. At some point we will also migrate them to https to avoid unnecessary redirects, so you might start pressing publishers to redirect. For feeds that don't redirect however, it's up to the user for now to chose to which one to subscribe. To bulk edit for now, you can just send them to a single folder, export it as OPML, open it with any text editor, Find/Replace http:// to https:// and import it back. It's not that much work. Yes you may have to edit some rules afterwards, but it should be a one-time process.

I don't believe there are many cases where the http version of the feed throws an error, but exactly the same url with https works. If there's such case it will probably be a misconfiguration on the remote server.

Share this post


Link to post
Share on other sites

well, I converted a quarter of my feeds yesterday afternoon,

and I want to say bulk import/changing isn't an option because

there are some sites that don't work after changing to https (page isn't displayed at all),

others don't have a valid certificate, others have certificates expired (as we know https requires a certificate),

so, I insist it would be very convenient if we could change one feed at a time,

on the other hand, the worst hassle is not the rules, rules changing is easy,

but the filters, which are a pain in the ass to change,

because there is no filters management screen in inoreader interface! (why?) and

the page where we copy a filter to another feed sucks big time,

no order at all, so it's a pain for our eyes in order to find the filter we need

 

edit: I might even have orphan filters, who knows
(what happens to them really? are they deleted?
when I've unsubscribed from their connected feed? )
I can't go over to check with that badly written page

I even tried to copy them from the source code and
sort them in an editor,
that wasn't possible either

 

edit2: and what about gmail label feeds?
I saw that they work with http authentication only,
would you convert them to https authentication?

 

edit3: some sites even redirect from https to http! amazing!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now