You can login in a non existing pod (mashlib flavor)

[bourgeoa]

Either with subdomain or mashlib if you use a not existing podname https://<non existing podname>.solidcommunity.net:8443

• you receive a 401
• then you can login with https://solidcommunity.net:8443/.account/login/password/
• and be redirected to the non existing pod URL https://<non existing podname>.solidcommunity.net:8443

This seems very strange for a user.

Could CSS consider that the pod do not exist and return something like pod not found ?

[joachimvh]

CSS return status codes are based on solid/specification#14 (comment), which states that the response should be 401/403 if the client does not have read access, independent of the resource's existence. So the CSS has to return a 401 there. Perhaps after logging in, mashlib could do an additional request first to see if the request succeeds when authenticated before redirecting the user?

[bourgeoa]

I think I understand your point.
But to my understanding in the described situation we do not have a Solid Resource until there is a valid pod, and then here not bind to Solid specification.

[joachimvh]

I get what you're saying, but this would require some big changes to make the server handle these cases, as the server would have to swap between being a "solid server" and not for certain resources. I think that one of the reasons this is also required is so the server doesn't leak information about resources existing or not based on the status codes.