Open NoelDeMartin opened 1 year ago
Thank you for taking the time to report this!
Originally, the hard-coded https
was to satisfy the Solid spec, specifically:
2.1 HTTP Server
[..] When both
http
andhttps
URI schemes are supported, the server MUST redirect allhttp
URIs to theirhttps
counterparts using a response with a 301 status code and aLocation
header.
This was in part to protect unknowing users against themselves.
At some point, the issue of being able to run the solid pod over http
did come up. In the Standalone PHP Server, this was resolved by allowing http
by explicitly setting PROXY_MODE
(see the "Usage" section).
It looks like a similar solution was omitted in this plugin 😞
I'll discuss this internally and see what resolution we come up with.
I've moved the internal discussion into the open at https://github.com/orgs/pdsinterop/discussions/2 I'll add an update here once the discussion has been resolved.
The consensus reached in the linked discussion is to remove the HTTP(S) check completely and let the server / environment decide.
Hey, I've been playing with this in a local Nextcloud instance and could make it work after commenting a couple of things.
I think most of the issues were related to networking, so I don't think there was anything broken in the plugin (my app's clientid wasn't reachable from the Nextcloud server, etc.).
But something I found to improve is that it's assuming that instances run with
https://
, which was not true in my case. Hopefully everyone useshttps://
in production though :).