We apologize for the instability of composr.app and appreciate your patience. We are working on the statistics addon and trying to find an optimal way to store and render data. Unfortunately, we have yet to find a solution that can handle the traffic (and therefore, tens of millions of statistical records) of composr.app. We're working hard on one.
#5703 - backend.php showing all available feeds to Guests
@Adam I need more information. It looks like RSS hooks have proper privilege checking in place. What specific backend.php URL calls are causing a leak of info? And where are these calls located?
Ignore; I found the issue. I'm assuming it's opml because I saw some feeds listed that guests normally would not have access. I added a clause to hide those for guests.
backend.php opml mode was publicising all available feeds, even ones guests would not be able to access.
This patch hot-fudges a list of feeds we don't want to promote to guests; they will no longer display in the opml feed.
However in v11, we should add a new method in the RSS hooks for privilege checking (based on current member) and use that instead.
https://gitlab.com/composr-foundation/composr/-/commit/e25cffa0ff26d49d1b48b2a62694a57855563972