Title: ACL relative URI resolution: ./#me not matching authenticated WebID · Issue #64 · JavaScriptSolidServer/JavaScriptSolidServer · GitHub
Open Graph Title: ACL relative URI resolution: ./#me not matching authenticated WebID · Issue #64 · JavaScriptSolidServer/JavaScriptSolidServer
X Title: ACL relative URI resolution: ./#me not matching authenticated WebID · Issue #64 · JavaScriptSolidServer/JavaScriptSolidServer
Description: Description When using a relative URI like ./#me or /#me in an ACL file to reference the owner's WebID, it doesn't seem to match the authenticated user's WebID during authorization checks. Steps to Reproduce Set up JSS with WebID at http...
Open Graph Description: Description When using a relative URI like ./#me or /#me in an ACL file to reference the owner's WebID, it doesn't seem to match the authenticated user's WebID during authorization checks. Steps to...
X Description: Description When using a relative URI like ./#me or /#me in an ACL file to reference the owner's WebID, it doesn't seem to match the authenticated user's WebID during authorization chec...
Opengraph URL: https://github.com/JavaScriptSolidServer/JavaScriptSolidServer/issues/64
X: @github
Domain: github.com
{"@context":"https://schema.org","@type":"DiscussionForumPosting","headline":"ACL relative URI resolution: ./#me not matching authenticated WebID","articleBody":"## Description\n\nWhen using a relative URI like `./#me` or `/#me` in an ACL file to reference the owner's WebID, it doesn't seem to match the authenticated user's WebID during authorization checks.\n\n## Steps to Reproduce\n\n1. Set up JSS with WebID at `https://example.com/#me`\n2. Create root ACL (`.acl`) with relative agent:\n\n```json\n{\n \"@context\": {\n \"acl\": \"http://www.w3.org/ns/auth/acl#\",\n \"foaf\": \"http://xmlns.com/foaf/0.1/\"\n },\n \"@graph\": [\n {\n \"@id\": \"#owner\",\n \"@type\": \"acl:Authorization\",\n \"acl:agent\": { \"@id\": \"./#me\" },\n \"acl:accessTo\": { \"@id\": \"./\" },\n \"acl:default\": { \"@id\": \"./\" },\n \"acl:mode\": [\n { \"@id\": \"acl:Read\" },\n { \"@id\": \"acl:Write\" },\n { \"@id\": \"acl:Control\" }\n ]\n }\n ]\n}\n```\n\n3. Authenticate as `https://example.com/#me`\n4. Try to PUT a resource\n\n## Expected Behavior\n\n`./#me` in `/.acl` should resolve to `https://example.com/#me` and match the authenticated user, granting write access.\n\n## Actual Behavior\n\nReturns 403 Forbidden. The `wac-allow` header shows `user=\"read\"` (from public ACL) instead of including write permissions.\n\n## Workaround\n\nUsing the absolute URI works:\n\n```json\n\"acl:agent\": { \"@id\": \"https://example.com/#me\" }\n```\n\n## Environment\n\n- JSS version: 0.0.72\n- Node.js: v22.21.1\n\n## Notes\n\nThis may be a URI resolution issue where the relative reference isn't being resolved against the ACL document's base URI before comparing with the authenticated WebID.","author":{"url":"https://github.com/melvincarvalho","@type":"Person","name":"melvincarvalho"},"datePublished":"2026-01-07T12:09:37.000Z","interactionStatistic":{"@type":"InteractionCounter","interactionType":"https://schema.org/CommentAction","userInteractionCount":3},"url":"https://github.com/64/JavaScriptSolidServer/issues/64"}| route-pattern | /_view_fragments/issues/show/:user_id/:repository/:id/issue_layout(.:format) |
| route-controller | voltron_issues_fragments |
| route-action | issue_layout |
| fetch-nonce | v2:9ce4a979-4165-507f-fbbf-55edbdda8763 |
| current-catalog-service-hash | 81bb79d38c15960b92d99bca9288a9108c7a47b18f2423d0f6438c5b7bcd2114 |
| request-id | B50A:BAAC2:458DA7:602762:69774E1D |
| html-safe-nonce | 0d47d1b628c5e2b800ab802b5f1c976c48a43a9e4bb27dc12da69c9ac54d0624 |
| visitor-payload | eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJCNTBBOkJBQUMyOjQ1OERBNzo2MDI3NjI6Njk3NzRFMUQiLCJ2aXNpdG9yX2lkIjoiNjkwMjk1NjQwNzIzODY0MzIyOSIsInJlZ2lvbl9lZGdlIjoiaWFkIiwicmVnaW9uX3JlbmRlciI6ImlhZCJ9 |
| visitor-hmac | 6268cc2aecc7906a757f8e16761a6753dec9671b6b3295324340413d8d498b3d |
| hovercard-subject-tag | issue:3788506619 |
| github-keyboard-shortcuts | repository,issues,copilot |
| google-site-verification | Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I |
| octolytics-url | https://collector.github.com/github/collect |
| analytics-location | / |
| fb:app_id | 1401488693436528 |
| apple-itunes-app | app-id=1477376905, app-argument=https://github.com/_view_fragments/issues/show/JavaScriptSolidServer/JavaScriptSolidServer/64/issue_layout |
| twitter:image | https://opengraph.githubassets.com/7618a76b9441dd5fbd89c730c11e351b42d424a422163a8f51076ad4eda974e0/JavaScriptSolidServer/JavaScriptSolidServer/issues/64 |
| twitter:card | summary_large_image |
| og:image | https://opengraph.githubassets.com/7618a76b9441dd5fbd89c730c11e351b42d424a422163a8f51076ad4eda974e0/JavaScriptSolidServer/JavaScriptSolidServer/issues/64 |
| og:image:alt | Description When using a relative URI like ./#me or /#me in an ACL file to reference the owner's WebID, it doesn't seem to match the authenticated user's WebID during authorization checks. Steps to... |
| og:image:width | 1200 |
| og:image:height | 600 |
| og:site_name | GitHub |
| og:type | object |
| og:author:username | melvincarvalho |
| hostname | github.com |
| expected-hostname | github.com |
| None | 3310064f35a62c06a4024ba37f41c06836f39376a095c2dfd2c4b693c34965be |
| turbo-cache-control | no-preview |
| go-import | github.com/JavaScriptSolidServer/JavaScriptSolidServer git https://github.com/JavaScriptSolidServer/JavaScriptSolidServer.git |
| octolytics-dimension-user_id | 205442424 |
| octolytics-dimension-user_login | JavaScriptSolidServer |
| octolytics-dimension-repository_id | 958025407 |
| octolytics-dimension-repository_nwo | JavaScriptSolidServer/JavaScriptSolidServer |
| octolytics-dimension-repository_public | true |
| octolytics-dimension-repository_is_fork | false |
| octolytics-dimension-repository_network_root_id | 958025407 |
| octolytics-dimension-repository_network_root_nwo | JavaScriptSolidServer/JavaScriptSolidServer |
| turbo-body-classes | logged-out env-production page-responsive |
| disable-turbo | false |
| browser-stats-url | https://api.github.com/_private/browser/stats |
| browser-errors-url | https://api.github.com/_private/browser/errors |
| release | 67d5f8d1d53c3cc4f49fc3bb8029933c3dc219e6 |
| ui-target | full |
| theme-color | #1e2327 |
| color-scheme | light dark |
Links:
Viewport: width=device-width