Closed Perlover closed 1 year ago
Just updated to new version of plugin: v1.0.11. There is same problem...
This is incorrect. We DO generate an Access-Control-Allow-Origin
header response (if an Origin
request header is present).
~You are probably encountering an attempt to make a preflight request via an OPTIONS HTTP method, while we only allow a GET on this endpoint. Most likely, someone is trying to use the JS fetch
function which does that additional, unnecessary request.~
Scratch that, this is still not an issue. I tested with fetch
and it still worked await fetch("https://kukks.org/.well-known/nostr.json?name=kukks")
So I'm not sure what you're experiencing.
I'm sorry! That's right and CORS is working! I checked without specifying the Origin header in the request. As soon as I specify it, the server exposes the header. Thanks for the clarification! :)
Hello!
My last BTCPay version is BTCPay Server v1.9.1+d738f797e I noticed that the plugin Nostr generates a JSON object without HTTP header "Access-Control-Allow-Origin: *"
This header is very desirable, since most clients (exactly web clients) will not be able to get the content, because the cross policy prohibits them from doing so without this header. Adding content manually is difficult if BTCPay is deployed as a docker container. The most correct thing is for the plugin to generate this header on its own. Either nginx, but the latter is also part of the docker bundle.