Open csarven opened 3 years ago
Server needs to offer a CORS proxy endpoint.
Can CORS proxy be an independent component in the ecosystem which one can choose to deploy together or separate from storage servers?
I would suspect that for reading resources the proxy service can be independent / be anywhere, i.e., not necessarily part of a Solid server. For writing resources, it would probably need to be based on authn/z mechanisms that a Solid application recognises/implements.
So, when a Solid server supports a proxy, it enables Solid applications to implement a category of use cases - accessing resources not only on a Solid server but anywhere.
In any case, a Solid application needs to be able to follow-its-nose, and discovery the endpoint, and so we need to resolve that in Solid Terms ( https://github.com/solid/vocab/issues/26 ) and explain that need through specifications such as Solid WebID Profile ( https://github.com/solid/webid-profile/issues/111 ).
Clients need to use a CORS proxy (for age old reasons.., https://github.com/w3ctag/design-reviews/issues/76 , ..)
Server needs to offer a CORS proxy endpoint.
Doublecheck authn/z requirements..
Related: discover preferred/trusted proxies https://github.com/solid/vocab/issues/26