René's URL Explorer Experiment

{"@context":"https://schema.org","@type":"DiscussionForumPosting","headline":"fix: make WebID profile fetch respect NODE_TLS_REJECT_UNAUTHORIZED in tests","articleBody":"## Problem\n\nThe WebID-TLS integration tests timeout because the internal `fetch()` in `lib/webid/lib/get.mjs` doesn't respect `NODE_TLS_REJECT_UNAUTHORIZED=0`.\n\nWhen verifying a WebID certificate, the server fetches the user's profile (e.g., `https://tim.localhost:7777/profile/card#me`). In tests, this URL uses a self-signed certificate that the internal fetch rejects.\n\n## Simplest Fix (~5 lines)\n\nModify `lib/webid/lib/get.mjs` to use an HTTPS agent that respects the environment variable:\n\n```javascript\nimport fetch from 'node-fetch'\nimport https from 'https'\nimport { URL } from 'url'\n\n// Respect NODE_TLS_REJECT_UNAUTHORIZED for testing with self-signed certs\nconst agent = process.env.NODE_TLS_REJECT_UNAUTHORIZED === '0'\n  ? new https.Agent({ rejectUnauthorized: false })\n  : undefined\n\nexport default function get (webid, callback) {\n  // ... existing code ...\n  fetch(uri.href, { method: 'GET', headers, agent })\n  // ...\n}\n```\n\n## Why This Works\n\n- In production: `NODE_TLS_REJECT_UNAUTHORIZED` is not set, so normal cert validation applies\n- In tests: The env var is already set by the test runner (`cross-env NODE_TLS_REJECT_UNAUTHORIZED=0`)\n- No changes needed to test infrastructure or certificates\n\n## After This Fix\n\nRemove `describe.skip` from `test/integration/acl-tls-test.mjs` and the tests should pass.\n\n## Related\n\n- #1841 - Original tracking issue\n- #1842 - Documentation PR explaining the issue","author":{"url":"https://github.com/melvincarvalho","@type":"Person","name":"melvincarvalho"},"datePublished":"2026-01-08T23:12:39.000Z","interactionStatistic":{"@type":"InteractionCounter","interactionType":"https://schema.org/CommentAction","userInteractionCount":0},"url":"https://github.com/1843/node-solid-server/issues/1843"}