mrkvon

@elf-pavlik That should indeed work, because both instances keep separate cookies. The issue described is the following: It is possible to log into two accounts within the same browser instance,...

This sounds great! 🪄 I can definitely see the documents when signed in with `grouptest1` (and not, when not signed in). 🎉 I don't see [either](https://bourgeoa2.solidcommunity.net/grouptest/publicgroup.ttl) of the [groups](https://bourgeoa2.solidcommunity.net/grouptest/privategroup.ttl) even...

_Disclaimer: I don't understand details of OIDC or WebId-OIDC._ Is it not possible to use http-only cookies or some other storage mechanism that can be considered secure?

@RubenVerborgh thank you for explaining! If I understand well: After the user gets authenticated with the identity provider, they receive some kind of token which they're supposed to use to...

@RubenVerborgh Thank you for sharing your idea. I still try to understand it. If it works, why don't we just store the sensitive data directly in web worker? What is...

> But also, with XSS, anyone can make those requests. I see. With XSS we have a problem, whether we use centralized or distributed system. It's not a problem to...

@chmac Why did you delete my comment?

Just to clarify, it was a comment about https://github.com/Trustroots/trustroots/issues/2590, which was about google analytics as well, and in which @anm wrote: > Trustroots should not be compromising people's privacy in...

@robokow with all the respect, that's not what happened. @anm 's issue was definitely enough for a comment, and that's what my [original deleted comment](https://github.com/Trustroots/trustroots/issues/2595#event-7408898900) here was. A mere repetition...

This effort would be worth synchronizing with that of @sitarane, who has been fixing docker containers