Todo: ======= - Fix Subscription Timeout!!!! (Just try subscribing to blog.honecombio.com) UI: - Account creation flow - Maximum userid length enforced - Banner for success and the like? - Recover lost password flow - Add/remove river sets - Import/export OPML - CSR protection Back-end Stuff: - Measure things: - Number of concurrent HTTP connections - Latencies of various things - Login cookie cache scrubber - Max request size - Limit on HTTP response sizes, strong timeouts - Remember that attackers dictate URLs. - Throttle login requests - Send email Tests: - Some known feed snapshots, check to make sure rivers match. (Make sure to mock the web and return fake images, &c.) Shipping: - Implement ATOM cache timeout and RSS skip hours and the like to poll more intelligently. Later: - Extract enclosures and the like, store locally (in the DB) and present them in the river. (Then do UI work to expose audio enclosures and the like.) - Trim rivers that get too big - God these names are all terrible -- river? feed? what's what? Far future: - For the future, we'll probably need options on individual feeds for processing to make them better. It is possible to over-engineer this so be careful. - Implement pubsubhubbub?