-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Display containers even if trailing slash is missing from the URL #4
Comments
CSS' issue on this topic, seems that there is no conflict ( neither obligation ) from the spec perspective, and it could be merged upstream |
The patch only works when logged-in, else fails with 401 unauthorized |
Also note - I tested /public and it redirected me to /public/ correctly BUT it did not add the trailing slash to the browser location bar URI. NSS does add the slash to the URI. |
I found this behavior
|
Ah, good catch! I guess in that case our code is not reached. I'll fix that.
I'll look into that as well! Maybe that's a subtle difference between a 301 and a 302 or something. |
I have to look at CSS architecture and see where we can do the check for public resources. |
Testing this with https://michielbdejong.pivot.pondersource.com/README/ |
As noted in #29 it's probably better to find a different point in the architecture to address this issue, and then fix it once and for all for both publish and non-public resources, and without confusing the DPoP checker and the locking mechanism. |
Maybe the best place to do this is actually in mashlib: |
After discussion in Solid OS Matrix chat, we decided that the idea of handling it client-side would be less than ideal, so I'll have another stab at it, server-side. There must be a way to catch a 404/401/403 on the server side, just before it's sent in the http response, and then decide whether it needs to be rewritten to a redirect response. |
The trouble is that we don't want to send a redirect if the request would still fail after redirection. |
Digging into this with tubsproject/devlog#8 - I should probably overwrite the |
It is also the only place in CSS where a 404 status is set. |
I'll create a |
Working on this in #39 |
Done. It adds a slash when missing, it doesn't remove a slash when it's extra. It acts when status code is 401, 403 or 404, and uses a 301 status code to do the redirect. It's not checking whether the resource it's redirecting to actually exists nor whether the presented WebId and Origin would have access to it. So it's also not leaking that information. |
No description provided.
The text was updated successfully, but these errors were encountered: