feat(cors): Allow cross origin verification requests

shrink · shrink · commit f5b14d3a1d76 · 2025-08-19T04:22:34.000+07:00
diff --git a/main_test.go b/main_test.go
@@ -143,3 +143,15 @@ func TestUnknownHandleRedirectsToDestination(t *testing.T) {
 	assert.Equal(t, "https://example.com/register?handle=carol.example.com", url.String())
 
 }
+
+func TestDidEndpointAllowsCrossOriginRequests(t *testing.T) {
+	router, _ := NewTestEnvironment()
+
+	res := httptest.NewRecorder()
+	req, _ := http.NewRequest("GET", "https://alice.example.com/.well-known/atproto-did", nil)
+	router.ServeHTTP(res, req)
+
+	assert.Equal(t, http.StatusOK, res.Code)
+	assert.Equal(t, "did:plc:example001", res.Body.String())
+	assert.Equal(t, "*", res.Header().Get("Access-Control-Allow-Origin"))
+}
diff --git a/router.go b/router.go
@@ -100,6 +100,7 @@ func VerifyHandle(c *gin.Context) {
 		return
 	}
 
+	c.Header("Access-Control-Allow-Origin", "*")
 	c.String(http.StatusOK, string(result.DecentralizedID))
 }
 

Original file line number	Diff line number	Diff line change
`@@ -100,6 +100,7 @@ func VerifyHandle(c *gin.Context) {`
`100`	`100`	`return`
`101`	`101`	`}`
`102`	`102`
	`103`	`+ c.Header("Access-Control-Allow-Origin", "*")`
`103`	`104`	`c.String(http.StatusOK, string(result.DecentralizedID))`
`104`	`105`	`}`
`105`	`106`