commit 0befa387a036c25f289fb8b39c5c51190c1d4b9c
parent a4ea2e787faab962032a690c2d6c7604d62fe07c
Author: triesap <tyson@radroots.org>
Date: Sun, 14 Jun 2026 02:27:46 -0700
runtime: add nip11 cors headers
- include wildcard CORS headers on successful NIP-11 responses
- preserve Accept-gated NIP-11 routing behavior
- extend NIP-11 tests to cover required response headers
- verify formatting, focused NIP-11 tests, workspace checks, and clippy
Diffstat:
1 file changed, 39 insertions(+), 4 deletions(-)
diff --git a/crates/tangle_runtime/src/nip11.rs b/crates/tangle_runtime/src/nip11.rs
@@ -137,10 +137,24 @@ async fn base_relay_info(
}
(
StatusCode::OK,
- [(
- header::CONTENT_TYPE,
- HeaderValue::from_static("application/nostr+json"),
- )],
+ [
+ (
+ header::CONTENT_TYPE,
+ HeaderValue::from_static("application/nostr+json"),
+ ),
+ (
+ header::ACCESS_CONTROL_ALLOW_ORIGIN,
+ HeaderValue::from_static("*"),
+ ),
+ (
+ header::ACCESS_CONTROL_ALLOW_HEADERS,
+ HeaderValue::from_static("*"),
+ ),
+ (
+ header::ACCESS_CONTROL_ALLOW_METHODS,
+ HeaderValue::from_static("*"),
+ ),
+ ],
Json(document),
)
.into_response()
@@ -220,6 +234,27 @@ mod tests {
response.headers().get(header::CONTENT_TYPE).expect("type"),
"application/nostr+json"
);
+ assert_eq!(
+ response
+ .headers()
+ .get(header::ACCESS_CONTROL_ALLOW_ORIGIN)
+ .expect("origin"),
+ "*"
+ );
+ assert_eq!(
+ response
+ .headers()
+ .get(header::ACCESS_CONTROL_ALLOW_HEADERS)
+ .expect("headers"),
+ "*"
+ );
+ assert_eq!(
+ response
+ .headers()
+ .get(header::ACCESS_CONTROL_ALLOW_METHODS)
+ .expect("methods"),
+ "*"
+ );
let body = to_bytes(response.into_body(), usize::MAX)
.await
.expect("body");
