Log inImperial users Other users No account?Information onFinding a talk Adding a talk Syndicating talks Who we are Everything else |
SpecificationThis document is intended for webmasters who use feeds from talks@ee.imperial on their pages. It provides a sense of what to expect from the service. This is more of a reference page – for more practical information, find out more about disseminating talks. The document is currently being edited to create a first draft and should be treated as highly provisional. talks@ee.imperial public specification
Filtering of user generated contentAny html entered into any field except the talk abstract and list description will be filtered to remove any html tags and therefore reduce the chance of cross-site script attacks. The talk abstract and list description allow html according to a white-list. The white-listed tags are: a, img, br, i, u, b, pre, kbd, code, cite, strong, em, ins, sub, sup, del, table, tr, td, th, ol, ul, li, p, h1, h2, h3, h4, h5, h6, blockquote. The only attributes permitted on tags are a: href, title; img: src, alt, title; code: lang; td: colspan, rowspan; blockquote: cite. Other tags can be created using the textile formatting language. All javascript and event triggers are stripped. Structure and content of feedsFeeds are used to take talks@ee.imperial content and use it on other websites. Some examples are at http://www.inference.phy.cam.ac.uk/talks/penguin/compatible.html General structure of URLThe general structure of a url to get a feed from talks@ee.imperial is: http://talks.ee.ic.ac.uk/show/FORMAT/LISTID
General structure of parametersThe url may be qualified with the following optional optional parameters:
If several parameters are used that restrict the number of talks displayed, then the restrictions will be ANDed. If no parameters are provided, then all talks in the list whose start_time is after midnight this morning will be displayed. TimeTime is specified in seconds since the start of 1970. Possible layoutsPossible values for the optional layout parameter are:
A note on term datestalks@ee.imperial assumes that there are four terms a year:
Embedded (javascript) feedsLists of talks can be embedded in webpages by using code of the following form:<script language="javascript" src="http://talks.ee.ic.ac.uk/show/index/5606?layout=embed" type="text/javascript"></script>If the person who views the webpage has javascript enabled, their browser will request javascript code from talks@ee.imperial and run it in the context of the webpage. The talks@ee.imperial code loaded is of the form: document.write("html fragments that display the talks") The html fragments will contain html created by the talks@ee.imperial system. If layout=embed is used, then the webpage must provide appropriate css to format the page. If layout=embedcss is used, then talks@ee.imperial will provide some basic css to format the talks. To ensure proper (and safe) display of the feed, the webpage server MUST specify that the page is encoded in the UTF -8 character set. Please be aware that if someone was able to tamper with the talks@ee.imperial system, they could add malicious javascript to the talks@ee.imperial feed. This would allow them to change the appearance of your webpage, and potentially clone the webpage user’s identity. To reduce the possibility of tampering with talks@ee.imperial it is hosted on a server where every attempt has been made to secure access. Remote login access is restricted to a small number of talks@ee.imperial managers. However, the server is shared with several other web sites, which means its potential for compromise has been increased. Other formats |