This page last changed on Dec 02, 2008 by smaddox.

The RSS feed macro embeds an RSS feed on a page. It can display the contents of external feeds, or of internal feeds generated by Confluence. To display blog posts or to list recently updated pages in a space, use the Feed Builder to create an internal feed, then render it using this macro.

CAUTION: Including unknown HTML inside a webpage is dangerous.
HTML inside an RSS feed can contain active scripting components. This means that it would be possible for a malicious attacker to present a user of your site with script that their web browser would believe came from you. Such code could be used, for example, to steal a user's authentication cookie and give the attacker their Confluence login password.

The RSS macro will only be available if it has been enabled by your Confluence administrator. Also, your Confluence Administrator can define a whitelist of trusted URLs. You will see an error message on the Confluence page, if the included URL is not in the whitelist.

On this page:

Error formatting macro: toc: java.lang.NullPointerException

Usage

Use the Wiki Markup editor to edit the page and insert the RSS macro. Replace the 'http://www.example.com/rss/' URL with your own feed link in this example:

{rss:url=http://www.example.com/rss/}

Optional Parameters

Number Parameter Default Description
 1 max 15 Limit the number of entries displayed.
 2 showTitlesOnly false Show only the titles of the news items, not the content.
 3 titleBar true Hide the feeds title bar.

Examples

1. Limit the number of entries displayed

{rss:url=http://host.com/rss.xml|max=5}

2. Show only the RSS feed titles

{rss:url=http://host.com/rss.xml|showTitlesOnly=true}

3. Hide the feeds titlebar

{rss:url=http://host.com/rss.xml|titleBar=false}

Working Example

What you need to type:

{rss:url=http://www.abc.net.au/news/syndicate/breakingrss.xml|max=5|showTitlesOnly=true}

What you will get:

How Up to Date is the Feed?

By default, the RSS Feed macro caches the feed results for 60 minutes before fetching the data again.

If you wish to change the default caching, use the {cache} macro to define how often the RSS Feed macro fetches the feed updates. You may want to set the cache to a longer period, so that your page loads faster. Or you may want to retrieve feed results more often, if you need to see the updates sooner. You will need to install the Cache plugin page onto your Confluence site.

To enable caching:

  1. Using the Confluence Repository, install the 'Scripting Plugin' and the 'Utilities Plugin'.
  2. For each RSS macro that you wish to cache, surround your RSS macro with a Cache macro. For example, to cache feeds for 30 minutes:
    {cache:refresh=30m}
    {rss:url=http://rss.news.yahoo.com/rss/stocks|max=5}
    {cache}
    

    The Cache plugin page provides more information on customising the cache behaviour.

What Happens to a Page Containing a Disallowed URL?

Your Confluence Administrator can set up a whitelist of allowed URLs. If this is the case, you may see an error on the pages which contain the RSS macro.

A user can add the RSS macro or the HTML-include macro to a Confluence page. The macro code includes a URL from which the content is drawn. When the page is displayed, Confluence will check the URL against the whitelist. If the URL is not allowed, Confluence will display an error message on the page.

The error message says that Confluence "could not access the content at the URL because it is not from an allowed source" and displays the offending URL. If the person viewing the page is a Confluence Administrator, they will also see a link to the Administration page where they can configure the URL whitelist.

Here is an example of the error message, including the link shown only to Confluence Administrators:

Here is an example of the error message, but without the link.

Authentication

Adding Login Information for Confluence Feeds

You can add your Confluence username and password to the feed URL, so that the RSS Feed Macro can log in to Confluence.
Please note that if you do this, someone with access to your RSS newsreader configuration can read your password.

Private Feeds from External Sites

RSS feeds which require authentication cannot be accessed using the RSS Macro.

Accessing Internal HTTPS Feeds

This applies only to Confluence instances which have enabled HTTPS for all content. If your site is fully HTTPS, the RSS macro cannot access internal feeds. To enable the RSS macro to access internal feeds without affecting your HTTPS setup, enable local-only HTTP access:

  1. Shut down Confluence.
  2. Use the SSL guide to re-enable HTTP access to Confluence. This means that Confluence will be accessible via both HTTP and HTTPS.
  3. Insert a firewall rule to redirect all HTTP requests not from the Confluence server to the equivalent HTTPS URL. This ensures that users will only be able to access Confluence via HTTPS, as intended. If you have still left HTTP access for attachments enabled (to avoid the IE download bug) you must selectively enable those URLS as well.
  4. Modify your Confluence RSS macro feed link to use the HTTP URL, and restart Confluence.
RELATED TOPICS

Subscribing to RSS Feeds within Confluence
Adding a username and password to Confluence RSS feeds
Tracking Updates Overview
Working with Macros
Configuring a URL Whitelist

Return to Confluence User Guide

Document generated by Confluence on Dec 03, 2008 15:16