You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, the spec doesn't say anything about CORS: clients may not configure CORS for their identifiers, preventing cross-domain requests to this document. The main use case for the client identifier is to be dereferenced by the Solid-OIDC provider, which is going to be a backend service, so this has no impact on it. However, the client identifier not being available cross-domain prevents a client-side Solid app to dereference it to discover information about the client. As it stands, making an app that displays information about clients to a user requires a server-side component because there is no guarantee that the client-side request would work. Should there be a note about this in the spec, either recommending that developers configure CORS for the client identifiers, or warning that looking up a client identifier cross-domain may legitimately fail ?
The text was updated successfully, but these errors were encountered:
Currently, the spec doesn't say anything about CORS: clients may not configure CORS for their identifiers, preventing cross-domain requests to this document. The main use case for the client identifier is to be dereferenced by the Solid-OIDC provider, which is going to be a backend service, so this has no impact on it. However, the client identifier not being available cross-domain prevents a client-side Solid app to dereference it to discover information about the client. As it stands, making an app that displays information about clients to a user requires a server-side component because there is no guarantee that the client-side request would work. Should there be a note about this in the spec, either recommending that developers configure CORS for the client identifiers, or warning that looking up a client identifier cross-domain may legitimately fail ?
The text was updated successfully, but these errors were encountered: