NSS 5.0 strict origin policy
node-solid-server introduced strictOrigin policy as default. This means that the app can only talk to servers on which the APP URL is specified as authorized.
I circumvented this on ld.solidbase.info by disabling strictOrigin. On the other PODs, it access can be allowed using the GUI:
- https://github.com/solid/userguide#using-third-party-apps
- https://github.com/solid/web-access-control-spec#adding-trusted-web-apps
We need to:
-
link the first doc to learn.solidbase.info -
link the doc in warning toast when getting 403s -
reenable strictOrigin on ld.solidbase.info -
add app.solidbase.info and next.app.solidbase.info to trusted origins.