Acl:origin does not work on CSS

1 
<https://solidweb.me/doctorAlice/solid-clinic/appointment/#1724599551091> a <http://www.w3.org/ns/auth/acl#Authorization>;
    <http://www.w3.org/ns/auth/acl#mode> <http://www.w3.org/ns/auth/acl#Read>, <http://www.w3.org/ns/auth/acl#Write>;
    <http://www.w3.org/ns/auth/acl#accessTo> <https://solidweb.me/doctorAlice/solid-clinic/appointment/>;
    <http://www.w3.org/ns/auth/acl#default> <https://solidweb.me/doctorAlice/solid-clinic/appointment/>;
    <http://www.w3.org/ns/auth/acl#agentClass> <http://xmlns.com/foaf/0.1/Agent>;
    <http://www.w3.org/ns/auth/acl#origin> <https://chuixuewan.github.io/solid-clinic>.

here is a piece of my acl rules I set under “doctorAlice/solid-clinic/appointment/” container,
I set the origin as “https://chuixuewan.github.io/solid-clinic” but the problem is I( logged as other user) still can through other app (penny) to reach this container which is not supposed happen. why? does my acl format have some problem?

2

the weird thing is if I authenticate pod which hosted on “https://solidweb.me/” it does not have the trusted app option in profile card#me, even I tried to update

image
image1398×467 35 KB

use this tool, it just not work, and when you login as user hold on “https://solidweb.me/” , it do not like other such as pod hod on " solidcommunity.net" will ask you 4 options(will updated the trusted app lists), but “solidweb.me” seems give the app the whole control and I do not know how to manage it, such as I do not want to give penny the “control” , how could I do?

3

OMG, I realize that CSS seems do not support the acl:origin, the NSS support. Is that right?