Given that my browser based web-app has loaded the user’s profile document and read the value of
pim:storage, which yields the root of my POD
https://elfisk.solid.community … where should my app then store it’s data and what should it do to protect the data from other web-apps?
My web-app registers my pets and store data about each pet in it’s own document in a dedicated
My web-app lives at
https://my-solid-pets.comwhich thus also happens to be the value of the Origin header the browser is going to send to my POD server.
Where should the
my-pets container be located? Should it be
https://elfisk.solid.community/inbox/my-pet/ or what is the right “best practice” recommended location?
Data discovery by the user’s type registry is not going to work since this a new web-app and nobody has ever had a chance to make a registration.
The location should be private by default (protected from other users) and restricted to requests from
https://my-solid-pets.com only. What should my web-app do to ensure this?