Upgrade StoragePossible security leak? : notes in RSS feed but not in website library
I see my notes in the RSS feed of my library but not in the website presentation level.
I have logged out to ensure I am seeing the "public" view.
I have 'publish my library' turned on,
'publish my notes' turned off.
Or at least I would call them notes, they are not the "notes" table of each item, but the full-text comments allowed against each attachment. That's where I normally store my notes.
Is this a security error?
For example,
Attachment, but no notes:
http://www.zotero.org/willsmithorg/items/152514213
Feed, with notes ('note' field):
https://api.zotero.org/users/33673/items, scroll down until you see 'http://zotero.org/users/33673/items/152514213'
which is a link from http://www.zotero.org/willsmithorg/items
I have logged out to ensure I am seeing the "public" view.
I have 'publish my library' turned on,
'publish my notes' turned off.
Or at least I would call them notes, they are not the "notes" table of each item, but the full-text comments allowed against each attachment. That's where I normally store my notes.
Is this a security error?
For example,
Attachment, but no notes:
http://www.zotero.org/willsmithorg/items/152514213
Feed, with notes ('note' field):
https://api.zotero.org/users/33673/items, scroll down until you see 'http://zotero.org/users/33673/items/152514213'
which is a link from http://www.zotero.org/willsmithorg/items
The text field in the right column for attachments is not what Zotero calls a note -- notes are stand alone or child, and this is neither. That said, this text field looks just like the one for stand alone and child notes, so there's no reason for you or anyone to assume that the "Publish my notes" option does not include it.
This isn't a security leak, however. It's an unclear description of Zotero's functionality that could lead to some people unknowingly making some of their comments public. The description or behavior need to be adjusted.
I was wondering if any schedule has been put on fixing the notes showing up in the rss feeds.
I still have item:notes 'note' coming through on my zotero library rss feeds. I was previously scrubbing them out using yahoo pipes, but pipes was shut down last summer. In yahoo pipes I was applying a script to delete/remove the 'note' divs from the rss feed (to pass on to another service to post on twitter). I was also doing a little formatting/cleanup to make it look more like a tweet.
Any recommendations for replacements for pipes from folks working with the rss feeds from zotero libraries? FeedsAPI looks nice, but is kinda pricey.
In my experience with teaching academics how to use bib ref mgmt software: they don't mind sharing references and bibliographies widely & publicly, but consider their notes to be private and/or personal intellectual property. Most of the faculty I've worked with didn't want their notes being shared outside the research group, and would be especially upset to learn that their notes could be aggregated into a data dump via public rss feeds and/or api's.
So within dlvr.it I configured the feed delivery to exclude all items with the 'item:note' field e.g. [api:itemType]note[/zapi:itemType] (but you'd need to reformat this text as the comment box system excludes anything with <> angle brackets).