It returns whatever the full URL of the item is. That is: storage base URL + item URL relative to storage root. For example if you request the item URL of
foo-item using a BaseClient that is scoped to the category
foo-category, then your URL will look something like
Only items in the special
public/ directory are public. Every item is publicly accessible, but folder listings are not. A remoteStorage permissions scope is valid for both the private and public path of a category. For example if you have RW access to
foo-category, you can read and write in both
/foo-category/ as well as
Yes, you can e.g. search https://tools.ietf.org/html/draft-dejong-remotestorage-07 for the word "public". I do think it'd be nice to have an easier-to-read explainer document for the whole protocol in addition to the spec, but nobody wrote one yet.
Hope this helps.