Headlines Plugin

Show headline news in TWiki pages based on RSS and ATOM news feeds from external sites


This plugin displays RSS and ATOM feeds from news sites. Use it to build news portals that show headline news.

Note: Syndic8.com ( http://www.syndic8.com/ ) lists many RSS feeds.

Syntax Rules


Parameter Explanation Default
"..." source of RSS feed; this can be an url (starting with http) or a web.topic location for internal feeds None; is required
href="..." (Alternative to above) N/A
refresh="60" Refresh rate in minutes for caching feed; "0" for no caching Global REFRESH setting
limit="12" Maximum number of items shown Global LIMIT setting
touch="..." Touch (edit/save) topics if the feed has updates. Specify a comma-space delimited list of TopicNames or Web.TopicNames, such as "%TOPIC%, NewsLetter". Useful to send out newsletter using MailerContrib, showing new feeds since last newsletter. To update feeds, visit topics with feeds in regular intervals (using cron with wget or the like). N/A
header Header. Can include these variables: - $channeltitle, $title: title of channel (channel.title)
- $channellink, $link: link of channel (channel.link)
- $channeldescription, $description: description (channel.description)
- $channeldate, $date: publication date of the channel (channel.pubDate)
- $rights: copyrights of the channel (channel.copyright)
- $imagetitle: title text for site (image.title)
- $imagelink: link for site (image.link)
- $imageurl: URL of image (image.url)
- $imagedescription: description of image (image.description)
Global HEADER setting
format Format of one item. Can include these variables:
- $title: news item title (item.title)
- $link: news item link (item.link)
- $description: news item description (item.description)
- $date: the publication date (item.pubDate, item.date)
- $category: the article category (item.category)
Global FORMAT setting

The header and format parameters might also use variables rendering the dc, image and content namespace information. Note, that only bits of interest have been implemented so far and those namespaces might not be implemented fully yet.

Rendering the dc namespace

The following variables are extracting the dc namespace info, that could be used in header and format. Nnote, that some of the variables are already used above. This is done by purpose to use different feeds with the same formating parameters. If there's a conflict the non-dc tags have higher precedence, i.e. a <title> content </title> is prefered over <dc:title> content </dc:title> .

  • $title: channel/article title (dc:title)
  • $creator: channel creator (dc:creator)
  • $subject: subject text; this will also add an image according to the subject hash list, see above (dc:subject)
  • $description: ... (dc:description)
  • $publisher: the channel/article publisher (dc:publisher)
  • $contributor: ... (dc:contributor)
  • $date: ... (dc:date)
  • $type: ... (dc:type)
  • $format: ... (dc:format)
  • $identifier: ... (dc:identifier)
  • $source: ... (dc:source)
  • $language: ... (dc:language)
  • $relation: ... (dc:relation)
  • $coverage: ... (dc: coverage)
  • $rights: ... (dc: rights)

Rendering the image namespace

An image:item is converted into an <img> tag using the following mappings:

  • src: image url (rdf:about attribute of the image.item tag)
  • alt: image title (title)
  • width: image width (image:width)
  • height: image height image:height)

Rendering the content namespace

The variable $content is refering to the <content:encoding> content </content:encoding>.


Slashdot News


%HEADLINES{ "http://slashdot.org/slashdot.rdf" 
  header="*[[$link][$title]]:* $description" 
  format="$t* [[$link][$title]]"
to get the latest Slashdot news as a bullet list format:

Business Opportunities Weblog


%HEADLINES{ "http://www.business-opportunities.biz/feed" limit="2" }%

to get the latest postings on the "Business Opportunities" weblog:

Wed, 26 Oct 2016 23:12:08 +0000
The original blog about business opportunities and business ideas for small business entrepreneurs
Wed, 26 Oct 2016 03:19:16 +0000 Laurie B

Whenever I'm speaking with freelancers and entrepreneurs, one of the biggest things I hear is about the obstacles standing in the way of investing in their businesses. Most frequently, I hear about how they just don't have the money to invest in their business.

For those of you who feel this way, I have a challenge for you. I challenge you to find the money to invest in your business. In this article, I'm going to teach you how.
Change your mindset…click here to read article

Tue, 25 Oct 2016 22:42:25 +0000 Laurie B

Could Your Business Benefit From Penetration Testing?

You may have heard about penetration testing without really understanding what it is and what it can do. Essentially it is a form of cyber security and it can be a very useful tool for businesses and organizations that fear they could be hacked. Let's have a look at whether penetration testing would be valuable for your business.

What is penetration testing?

Penetrating testing - variously known as a 'pen test', 'vulnerability scan' or 'cyber security assessment' - is a method of analyzing a company or organizations' cyber security. It does this by simulating a real-world hacking attack against your IT infrastructure to see how well it stands up against those attacks.

The test shows you what would happen if skilled computer hackers targeted your system. The test follows the hack through to its logical conclusion - the testers will attempt to gain access to sensitive information and other assets.

If your organization has a cyber security team they may tell you that you are completely protected, but this kind of test checks whether they have done enough to keep hackers out. It is a method used as a part of ethical hacking. But is penetration testing really something that your business could benefit from? Let's take a look at exactly what a penetration test can do for you - and what it can't do.

Reveals vulnerabilities in your system

One of the major benefits of a penetration test is that it can show you the kinds of vulnerabilities that your system has, as well as the ways that hackers could exploit these vulnerabilities in a real-world test. A penetration test can show which areas are high risk and what needs to be upgraded or improved to ensure that real hackers can't use them.

Generally penetration tests are most useful if you are trying to look at very specific areas of a system to assess whether or not hackers can achieve certain goals. The potential remit for hackers is usually far too great to be able to deal with all potential vulnerabilities in one test. However, the advantage here is that a pen test can reveal that certain issues are unlikely to be exploited by hackers, while other unexpected weaknesses are uncovered.

A safe way to test your cyber-defences

It's all very well if your cyber-security team believes that your defences are impenetrable - but if they have never faced a real-world test from an outside agency, you can never be completely sure. That means that you have two options - sit back and wait for your website to be hacked, and see how well those security measures stand up, or proactively have a reputable firm carry out a penetration test.

Ultimately, if weaknesses are found in the pen test, this is good news as it means that you can fix them before a genuine hack occurs. It is generally best that no-one in the company (apart from the person commissioning the penetration test) knows that the test is going to occurs. This gives you the best possible opportunity to see how defences and staff react in the real world.

Expert opinion from outside the company

It may well be the case that you trust your cyber security team when they say that the defences are strong. But it is always valuable to get unbiased expert analysis from outside the company. Hiring a firm to complete a penetration test can allow you to gain insight from a different perspective - ultimately this can only improve your cyber defences.

It's also possible that utilising the expert analysis from a company can help to convince management that extra funding or resources are necessary in order to ensure the website is secure.

Minimise the disruption to business continuity

It's not just the risk of losing data that can be problematic for businesses in the event of an attack - one of the major issues that companies has to deal with is loss of business continuity. This is can occur when hackers use a denial of service (DoS) attack that can suspend your ability to use your IT systems. While a penetration test would display the ability to complete a DoS attack, it would not last for the long period of time that you could see from a real attack.

The limits of penetrating testing

However, it is important to understand the limits of penetration tests - some people believe that once they have carried out one penetration test, it means that their website is now secure. This isn't the case and in fact penetration tests can only ever point out the faults that they find. And whether they find these vulnerability is limited by the scope of the test and the skills of the tester.

Penetration tests can never show that there is no possible way to hack a system because it is impossible to prove a negative. This shows that penetrations can have a fairly narrow scope; they can only test those aspects of the system that you believe could be vulnerable. If penetration is too limited to be useful for you, it may be worth looking into a broader ethical hacking approach.

Broader ethical hacking

Some people believe that penetration testing is the same thing as ethical hacking, but it's not true. Penetration testing is a part of good ethical hacking, but ethical hacking itself is not limited to digital methods. It approaches the business as a real hacker would - looking for the obvious ways in and exploiting the clearest weaknesses.

This could include anything from phishing emails that attempt to scam employees out of their passwords to social engineering and other 'real world' ways to enter the system. This could even include surveillance or attempts to gain access to the physical office in order to get easy access to files and data that could help.

So if you are looking to have penetration testing carried out, it may be worth having broader ethical hacking at the same time to provide a truly full challenge for your cyber security.

Plugin Settings

Plugin settings are stored as preferences variables. To reference a plugin setting write %<plugin>_<setting>%, for example, %HEADLINESPLUGIN_SHORTDESCRIPTION%. Note: Don't modify the settings here; copy and customize the settings in Main.TWikiPreferences. For example, to customize the USERAGENTNAME setting, create a HEADLINESPLUGIN_USERAGENTNAME setting in Main.TWikiPreferences.

  • One line description, shown in the TextFormattingRules topic:
    • Set SHORTDESCRIPTION = Show headline news in TWiki pages based on RSS and ATOM news feeds from external sites

  • Refresh rate in minutes for cached feeds. Disable caching: 0, default: 60
    • Set REFRESH = 60

  • Maximum number of items shown. Default: 100
    • Set LIMIT = 100

  • Use LWP::UserAgent, or fallback to TWiki's internal getUrl() method. Default: yes

  • Timeout fetching a feed using the LWP::UserAgent. Default: 20

  • Name of user agent. Default: TWikiHeadlinesPlugin/2.21
      * Set USERAGENTNAME = TWikiHeadlinesPlugin/2.21

  • Default header: (variables are explained in the syntax rules)
      * Set HEADER = <div class="headlinesChannel"><div class="headlinesLogo"><img src="$imageurl" alt="$imagetitle" border="0" />%BR%</div><div class="headlinesTitle">$n---+!! <a href="$link">$title</a></div><div class="headlinesDate">$date</div><div class="headlinesDescription">$description</div><div class="headlinesRight">$rights</div></div>

  • Default format of one item: (variables are explained in the syntax rules)
      * Set FORMAT = <div class="headlinesArticle"><div class="headlinesTitle"><a href="$link">$title</a></div>$n<span class="headlinesDate">$date</span> <span class="headlinesCreator"> $creator</span> <span class="headlinesSubject"> $subject </span>$n<div class="headlinesText"> $description</div></div>

  • Values taken from configure: (only supported if CPAN:LWP is installed)
    • $TWiki::cfg{PROXY}{HOST} - proxy host, such as "proxy.example.com";
    • $TWiki::cfg{PROXY}{PORT} - proxy port, such as "8080";
    • $TWiki::cfg{PROXY}{SkipProxyForDomains} - domains excluded from proxy, such as "intra.example.com, bugs.example.com";

Style Sheets

The default HEADER and FORMAT settings use the following styles. See the style.css file defining the default CSS properties (indentation illustrates enclosure).

  • headlinesRss: output of the HeadlinesPlugin (div)
    • headlinesChannel: channel header (div)
      • headlinesLogo: channel logo (div)
      • headlinesTitle: channel title (div)
      • headlinesDate: channel date (div)
      • headlinesDescription: channel description (div)
      • headlinesRight: channel copyright (div)
    • headlinesArticle: one news item (div)
      • headlinesTitle: article title (div)
      • headlinesDate: article date (span)
      • headlinesCreator: author of article (span)
      • headlinesSubject: subect category of the article (span)
      • headlinesText: article text (div)

Plugin Installation Instructions

  • Download the ZIP file.
  • Unzip it in your twiki installation directory. Content:
    File: Description:
    data/TWiki/HeadlinesPlugin.txt plugin topic
    pub/TWiki/HeadlinesPlugin/style.css default css
    lib/TWiki/HeadlinesPlugin.pm plugin perl module
    lib/TWiki/HeadlinesPlugin/Core.pm plugin core
    Check if above examples show a news feed instead of variable.
  • Optionally, run HeadlinesPlugin_installer.pl to automatically check and install other TWiki modules that this module depends on. You can also do this step manually.
  • Alternatively, manually make sure the dependencies listed in the table below are resolved.
    Digest::MD5>=2.33Required. Download from CPAN:Digest::MD5
    LWP::UserAgent>=5.803Optional. Download from CPAN:LWP::UserAgent

Plugin Info

Plugin Author: TWiki:Main.PeterThoeny, TWiki:Main.MichaelDaum
Copyright: © 2002-2010, Peter Thoeny, Twiki, Inc.; 2005-2007, Michael Daum http://wikiring.de
License: GPL (GNU General Public License)
Plugin Version: v2.6 - 2010-05-16
Change History:  
2010-05-16: TWikibug:Item6433 - more doc improvements
2010-04-25: TWikibug:Item6433 - doc fix: Changing TWIKIWEB to SYSTEMWEB
2010-02-27: TWikibug:Item6313 - fixed bug in ATOM feed with <link ...></link> instead of <link ... /> -- Peter Thoeny
2009-09-30: fixed bug in lastBuildDate of feeds affecting touch parameter functionality -- Peter Thoeny
2009-08-29: added touch parameter -- Peter Thoeny
12 Feb 2009: {PROXY}{HOST} supports domain with and without protocol -- Peter Thoeny
06 Feb 2009: added {PROXY}{SkipProxyForDomains} configure setting, added USERAGENTNAME plugin setting -- Peter Thoeny
11 Dec 2008: added {PROXY}{HOST} and {PROXY}{PORT} configure settings -- Peter Thoeny
13 Sep 2007: fixed parsing of content:encoded
23 Jul 2006: improved atom parser; if a posting has no title default to 'Untitled'
26 Apr 2006: added lazy compilation
10 Feb 2006: packaged using the TWiki:Plugins/BuildContrib; minor fixes
03 Feb 2006: off-by-one: limit="n" returned n+1 articles; make FORMAT and HEADER format strings more robust
23 Jan 2006: released v2.00
05 Dec 2005: internal feed urls must be absolute
02 Dec 2005: added web.topic shorthand for internal feeds
29 Nov 2005: fixed CDATA handling
21 Nov 2005: added ATOM support; extended RSS support; added dublin core support; added content support; optionally using LWP to fetch feeds to follow redirections; corrected CPAN dependencies ; recoding special chars from html integer to entity encoding to increase browser compatibility; added css support; use getWorkArea() if available
11 May 2005: TWiki:Main.WillNorris: added DevelopBranch compatability
31 Oct 2004: Fixed taint issue by TWiki:Main.AdrianWeiler; small performance improvement
29 Oct 2004: Fixed issue of external caching if mod_perl or SpeedyCGI is used
02 Aug 2002: Implemented caching of feeds, thanks to TWiki:Main/RobDuarte
11 Jun 2002: Initial version (V1.000)
Perl Version: 5.8
TWiki:Plugins/Benchmark: GoodStyle 100%, FormattedSearch 99.5%, HeadlinesPlugin 94%
Plugin Home: http://TWiki.org/cgi-bin/view/Plugins/HeadlinesPlugin
Feedback: http://TWiki.org/cgi-bin/view/Plugins/HeadlinesPluginDev
Appraisal: http://TWiki.org/cgi-bin/view/Plugins/HeadlinesPluginAppraisal

Related Topics: TWikiPlugins, AdminDocumentationCategory, TWikiPreferences

Topic revision: r1 - 2010-05-17 - TWikiContributor
This site is powered by the TWiki collaboration platformCopyright © 1999-2016 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback
Note: Please contribute updates to this topic on TWiki.org at TWiki:TWiki.HeadlinesPlugin.