Re: Malformed RDF document found at https://marielmat.inrupt.net/settings/privateTypeIndex.ttl - Unexpected "<!doctype" on line 1.

[marielmat]

[I was trying to connect through Solid. I might be the one who is doing something wrong, I just don't know what to do. Thank you.]

Stack trace:

e@https://noeldemartin.github.io/media-kraken/js/0.8f526441.worker.js?__WB_REVISION__=31e5f15474593079090a88dfc301cde1:23:268462
value/</<@https://noeldemartin.github.io/media-kraken/js/0.8f526441.worker.js?__WB_REVISION__=31e5f15474593079090a88dfc301cde1:1:167394
parse/<@https://noeldemartin.github.io/media-kraken/js/0.8f526441.worker.js?__WB_REVISION__=31e5f15474593079090a88dfc301cde1:1:93079
b@https://noeldemartin.github.io/media-kraken/js/0.8f526441.worker.js?__WB_REVISION__=31e5f15474593079090a88dfc301cde1:23:322084
_tokenizeToEnd@https://noeldemartin.github.io/media-kraken/js/0.8f526441.worker.js?__WB_REVISION__=31e5f15474593079090a88dfc301cde1:23:321918
tokenize/<@https://noeldemartin.github.io/media-kraken/js/0.8f526441.worker.js?__WB_REVISION__=31e5f15474593079090a88dfc301cde1:23:323263
r/t.setImmediate/<@https://noeldemartin.github.io/media-kraken/js/0.8f526441.worker.js?__WB_REVISION__=31e5f15474593079090a88dfc301cde1:23:42698

[NoelDeMartin]

Hi there, thanks for opening the issue.

I've come across this error myself more than once, but I thought it was because I often log in multiple times and I mess up something in the session. This error usually happens when something goes wrong during authentication, and making the request to the type index returns an authentication error and the body isn't in the expected format (turtle), it's usually the default html of the provider.

Did you log in multiple times? or did this happen trying to use the application for the first time? In any case, I'd suggest that you try again after clearing up the browser storage. You can do this by "forgetting" Media Kraken from your browser and removing all the cache (in Firefox for example go to your navigation history --> left click --> Forget About This Site). If that doesn't work, you can also try with a different browser.

Let me know if that fixes it, in any case I'll try to detect this error and show a better error message.

[marielmat]

Thank you, it works! Just discover your work during the last Solid World. Will have a lot of fun with Media Kraken (love the name and the logo, btw)

[NoelDeMartin]

Thanks, I'm glad that you like it :).

Was it your first time using the application, or did you log in with different accounts?

I think I'll reopen the issue, because I have been finding this myself and I thought it was because I was messing with the session during development. But if others are also seeing it, there may be something else going on. If you look at the recording of Solid World, you'll see that this is actually the error that broke on the live demo 😅. I recently changed the authentication library so it's probably related to that.

[marielmat]

Hello, Yes, I was connecting to the app for the first time. It is also one of my first experiences with Solid. And yes, I logged out and tried to log in a few times.

I unchecked the access permissions, "to see what would happen" ("Oh I have to grant access, what happens if I don't?" doh! Maybe that's what caused the bug. ;)

An when I wanted to restore the access from my Solid account, it didn't work. And that's when I wrote to you.

[NoelDeMartin]

Hey, that's great, that actually allows me to reproduce the bug 100% of the time :D. I think what I'll do when that happens is show an explanation similar to what I said here, instead of displaying a generic error. I hadn't thought about that use-case (logging into the app without read permissions), but now that you mention it, it's perfectly natural and I wouldn't be surprised if more people do it.

I have one more question though, I hope you don't mind me asking. Since you're new to Solid I'm very interested in your perspective, because I try to build apps for people like you and not Solid experts :). After logging into the app without the proper permissions, I suppose you had to go into your POD provider and revoke the previous access or add read permissions (said differently, once you log into the app without the appropriate permissions, there is nothing you can do from the application to fix it). Was it easy for you to understand this distinction? What the app is responsible for and what the POD provider is responsible for? Sometimes I'm not sure how to communicate the errors that are not my app's fault, but something wrong in the POD.

[marielmat]

Sorry for the delay... Hmmm yes, it was easy for me to understand the distinction. But I'm not sure it would have been for everyone. It could be nice to be aware of what are the potential causes of the bug.

[nsergey82]

Hello, Noel, I watched your talk at the last SOLID webinar (nice one!) and started experimenting with the Kraken. I also began with disallowing access and then followed the exceptions trail to pinpoint the resources I need to expose. Looking at the code also helped. So, e.g. it looks for "movie" in my types and when none is found, it needs to write to privateTypeIndex.ttl, then it needs the actual "Movies" container and to populate it, etc.

This made me ponder about user experience for people that are somewhat cautious about letting an app running from gh-pages to read and write their pod, yet unable or unwilling to go through the debugging steps. Perhaps it would indeed make sense to produce some sort of a friendly "wizard" screens for users that didn't allow r/w on the auth screen. It could explain what it needs to be doing and why, and the user then could audit each point and either let the app do it, or do it herself via any POD browser. You could even provide (to power-users) the ability to review the requests and sparqls the app needs to send to initialize. Many of the permissions you need could then be revoked. E.g., you only need to modify type index once, you only need to create the parent container once, etc.

But since my experience with solid APIs is limited, I am not sure how feasible that would be. Best regards, Sergey

[NoelDeMartin]

Hey thanks @nsergey82 for your comments.

Yes, I will do something that is more user-friendly when this error happens. That's why I'm leaving this issue open as an "enhancement". Your suggestions gave me some ideas, I'll take them into account when I do it :).

However, I'm not sure if I'll be able to do what you mention of revoking permissions after creating the container. At the moment, the only thing that my app knows about authorization is if I am logged in or not. And I don't think it's possible to authenticate with limited permissions for a single container. If I revoke the permissions, I won't be able to add new movies or mark them as watched without asking for them again, which would be very annoying. I think this is technically possible to achieve, but I don't think it's feasible given to current tooling (I'm delegating authentication and authorization to 3rd party libraries).

Personally, if I don't trust an app I'd use a Solid POD only for that app. I know it's not the ideal scenario, and counterproductive to the goals of Solid. But I think that's the approach people are taking at the moment to work around the limitations.

[nsergey82]

Yes, that pop-up is all or nothing at the moment. It is possible to add an app only to ACL of particular container, but it can't be done by the app itself, as it requires elevated permissions. So it has to be something similar to roundtrip that the auth pop-up is doing: sending webid/origin of the app along with the modification it requires and having the user to approve it. Perhaps this is something we better discuss on one the SOLID forums.

[NoelDeMartin]

I've changed the error screen when this happens, hopefully this will be less confusing for newcomers. I've also added a direct link to open an issue in GitHub (the "Get help" button):

Thanks again for your feedback :).