Webid id1.domain.com can edit profile of id2.domain.com and versa

I just want to confirm that I am running into this issue (*://github.com/solid/solid/issues/153) and it is not a setup error on my part: I am not getting any errors anywhere in any case.

If I’m in the same browser, then I can log in as id1.domain.com and then as id2.domain.com and I see the public /profile/card for id1 even in my id2 browser tab. Also, when I edit it in the context (tab) of id2, I see the changes in id1’s card instead. This was unexpected, of course, since they are separate logins until I read the issue 153…

There are no Bearer Tokens in the request headers (see issue 153 above) since TLS is being used. I think it would be pragmatic to require JWT/OpenID Bearer Tokens to insure atomic sessions within the same browser since there will be many use-cases for multiple WebID-contexts in one browser.

Can anyone confirm this behavior?

– a fan of re-decentralizing the web…

Be aware of

I check it every day.
And the Release/v5.0.0 branch

when there is a commit I clone and run thru my tests

Thanks. OK, I’ve been cloning from “master” and not the newest one at that. I’ll track your branch and let you know.

Oh it’s not mine. I’m attempting to apply solid pods to my other projects too