Skip to content

Instantly share code, notes, and snippets.

@hissy hissy/

Last active Jul 3, 2019
What would you like to do?
#concrete5 Ignore permission for rss feed

By default, concrete5 checks the permission of all of the pages in the RSS feed. If all pages are not viewable by a guest user, RSS feed will return 404 error page.

With this override, concrete5 never check any permission of all pages in the feed. This is useful to provide an RSS feed from a members-only website, but please keep in mind that all published pages will be included in the RSS feed with any permission settings.

Tested on concrete5 8.5.1

// Upload this file to application/controllers/feed.php
namespace Application\Controller;
use Concrete\Core\Http\ResponseFactoryInterface;
use Concrete\Core\Page\Feed as PageFeed;
class Feed extends \Concrete\Controller\Feed
public function output($identifier)
$responseFactory = $this->app->make(ResponseFactoryInterface::class);
if ($feed = PageFeed::getByHandle($identifier)) {
$feed->ignorePermissions(); // Ignore all permissions
if ($xml = $feed->getOutput($this->request)) {
return $responseFactory->create($xml, 200, ['Content-Type' => 'text/xml']);
return parent::output($identifier);
// Upload this file to application/routes/rss.php
defined('C5_EXECUTE') or die("Access Denied.");
$router->get('/rss/{identifier}', 'Application\Controller\Feed::output')
$router->get('/ccm/calendar/feed/{identifier}', 'Concrete\Controller\CalendarFeed::view')
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.