From 5b234b6b61f93f095058442eee1601212a4c55bd Mon Sep 17 00:00:00 2001 From: Michilis Date: Wed, 6 May 2026 19:07:01 +0000 Subject: [PATCH] Set Access-Control-Allow-Origin: * on /.well-known/nostr.json NIP-05 requires this header so browser-based Nostr clients can validate identities via fetch from any origin. --- internal/http/handlers/nostrjson.go | 1 + 1 file changed, 1 insertion(+) diff --git a/internal/http/handlers/nostrjson.go b/internal/http/handlers/nostrjson.go index a03a3f6..8eaa799 100644 --- a/internal/http/handlers/nostrjson.go +++ b/internal/http/handlers/nostrjson.go @@ -12,6 +12,7 @@ type NostrJSON struct { } func (h *NostrJSON) Handle(w http.ResponseWriter, r *http.Request) { + w.Header().Set("Access-Control-Allow-Origin", "*") w.Header().Set("Cache-Control", "public, max-age=60") names, err := h.Users.Repo().ActiveByName(r.Context())