solid-nextcloud icon indicating copy to clipboard operation
solid-nextcloud copied to clipboard
verified publisher icon pdsinterop

Use request scheme in server url

Open NoelDeMartin opened this issue 2 years ago • 3 comments

Hey, I've been playing with this in a local Nextcloud instance and could make it work after commenting a couple of things.

I think most of the issues were related to networking, so I don't think there was anything broken in the plugin (my app's clientid wasn't reachable from the Nextcloud server, etc.).

But something I found to improve is that it's assuming that instances run with https://, which was not true in my case. Hopefully everyone uses https:// in production though :).

NoelDeMartin avatar Apr 28 '23 07:04 NoelDeMartin

Thank you for taking the time to report this!

Originally, the hard-coded https was to satisfy the Solid spec, specifically:

2.1 HTTP Server

[..] When both http and https URI schemes are supported, the server MUST redirect all http URIs to their https counterparts using a response with a 301 status code and a Location header.

This was in part to protect unknowing users against themselves.

At some point, the issue of being able to run the solid pod over http did come up. In the Standalone PHP Server, this was resolved by allowing http by explicitly setting PROXY_MODE (see the "Usage" section).

It looks like a similar solution was omitted in this plugin 😞

I'll discuss this internally and see what resolution we come up with.

Potherca avatar May 03 '23 13:05 Potherca

I've moved the internal discussion into the open at https://github.com/orgs/pdsinterop/discussions/2 I'll add an update here once the discussion has been resolved.

Potherca avatar May 19 '23 12:05 Potherca

The consensus reached in the linked discussion is to remove the HTTP(S) check completely and let the server / environment decide.

Potherca avatar Jan 20 '24 11:01 Potherca