I see the reason about robots.txt.
I think I've not explaing well what I was trying to said. Sorry.
What I meant, is that in the xml of chat there are the user account ids, I've see that on website user account id is used in URL as ";u=accountid".
I think there are server side check so another user cannot read something that is not for them and the chat is just for logged user so there will not be probably any treat.
When I had done similar solution with polling I normally cript the user id just to make them less understable for humans. But depends a lot for the level of security you need to keep.
Anyway, thanks for you time and your answer!