Comments (9)
OK, @justinwb gave the winning insight - it affects migrated accounts! :) that's why we are seeing it on our inrupt.net accounts but not on our dev.inrupt.net accounts. I just tried with a newly created inrupt.net account, and that's also not affected.
With that insight, it was easy to find:
https://github.com/solid/node-solid-server/blob/master/default-templates/new-account/profile/.acl
Which is the ACL that makes the profile/ folder writable and that's missing from migrated accounts.
What I don't understand is why it doesn't still allow the upload based on the root ACL doc. but at least I have been able to reproduce the problem on localhost now, by putting NSS4 account content into my localhost NSS5 instance.
from acl-check.
Seeing this happen intermittently when running the app against localhost, logging in as https://michielbdejong.localhost:8443/profile/card#me. Investigating.
from acl-check.
It worked 10 times in a row, then I logged out and back in, and got a 401 (not 403) error.
from acl-check.
Right, the 401 error happens because it tries the PUT without credentials, then it retries it with credentials, and does succeed. This only happens the first time after you've logged in.
from acl-check.
OK, sorry for the confusion. The 401 errors are unrelated. I can reproduce this on inrupt.net but not on dev.inrupt.net, nor solid.community, nor on localhost.
I had a look on the server and there's nothing wrong there. The errors don't show up in sudo journalctl -f -u solid
either.
Will think about it for a bit.
from acl-check.
Just encountered the same, trying to send a PUT request from localhost:3000
to NSS running at localhost:8443
, got the same error:
You are currently logged in as <code>https://localhost:8443/profile/card#me</code>, but do not have permission to access <code>https://localhost:8443/index.html~</code>.
from acl-check.
Great! I don't have time to test it yet, but I encountered this error with a freshly created user after bin/solid-test init
, so there might be a code path that needs updating there as well.
from acl-check.
Right, the problem is that the trustedApp check chokes on the acl:agent <mailto:...>;
line (I guess it tries to dereference that to find out what the trusted apps for that email address are.
from acl-check.
Ah wow, duplicate of #24 even.
from acl-check.
Related Issues (16)
- Deleting a file should require write permission on the container HOT 1
- What is origin and trustedOrigins? HOT 4
- Make which logger to use configurable HOT 1
- Public resources should be available to all origins HOT 1
- Add support for acl:trustedApp
- accessDenied with reason rather than checkAccess
- Refactor getTrustedModesForOrigin
- Cannot read property 'map' of undefined
- Error checking mailto: based authorization HOT 8
- NSS bug #1362 HOT 1
- Parent folder `.acl` is not consulted, even if local `.acl` does not specify permissions HOT 3
- Modes are filtered by origin mode even of no origin HOT 4
- Re-organizing github.com/solid HOT 1
- Get the module in shape for npm
- Find a multilevel logger framework HOT 6
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from acl-check.