Making private RSS feeds truly private.

Or at least try. )
Recently, I submitted to the public a script that allows you to export feeds along with subzamochnymi records from Livejournal.com.
And immediately heard the voices of reason:

payalnik : What a bad method to open sub-locks for the entire Internet. We are waiting for the first scandals.

anton : Do you understand that by doing so, you risk opening the sub-locks of all your friends publicly and finding them in search in a month?

All day I went and tried to remember: somewhere I already saw it. Someone has already talked about this. And remembered!
And then find the source was not difficult:
http://php.vanhecke.info/2008/01/20/republish-a-feed-or-other-data-protected-by-http-basic-authentication

As for personalized RSS feeds, most services do not protect the content by requiring login / password, but provide the user with an open, but random URL of the feed.
For web-based RSS aggregators, such as Bloglines or Google Reader, there is a non-zero chance that other users will stumble upon the private content of your feeds.
That is why Bloglines introduced the <access: restriction relationship = "deny" /> directive
If the ee feed contains, then Bloglines will not display its contents in an open search.
However, the author did not find any mention that Google Reader supports this directive. However, experiments have shown that it was not possible to find the contents of the tape with the installed directive out of another account, although the tape has been in place and has been added for a month already.

Reference to specification: www.bloglines.com/about/specs/fac-1.0