nekomimi.pet / wisp.place-monorepo
Monorepo for wisp.place. A static site hosting service built on top of the AT Protocol. wisp.place
fork atom

update dns to not necessitate cname verifcation in cases of cname flattening

nekomimi.pet 4ecb03e9 7f5fa737

options
unified split
Changed files
+34 -4
public
editor
editor.tsx
src
lib
dns-verify.ts
+15 -1
public/editor/editor.tsx 
···

       
661

       
 

       
								)}


     

       
662

       
 

       
							</CardContent>


     

       
663

       
 

       
						</Card>


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
664

       
 

       
					</TabsContent>


     

       
665

       
 

       



     

       
666

       
 

       
					{/* Domains Tab */}


     
···

       
1604

       
 

       
													</div>


     

       
1605

       
 

       
												</div>


     

       
1606

       
 

       
												<p className="text-xs text-muted-foreground mt-2">


     

       
1607

       
-

       
													Some DNS providers may require you to use @ or leave it blank for the root domain


     

       
1608

       
 

       
												</p>


     

       
1609

       
 

       
											</div>


     

       
1610

       
 

       
										</div>


     
···

       
661

       
 

       
								)}


     

       
662

       
 

       
							</CardContent>


     

       
663

       
 

       
						</Card>


     

       
664

       
+

       



     

       
665

       
+

       
						<div className="p-4 bg-muted/30 rounded-lg border-l-4 border-yellow-500/50">


     

       
666

       
+

       
							<div className="flex items-start gap-2">


     

       
667

       
+

       
								<AlertCircle className="w-4 h-4 text-yellow-600 dark:text-yellow-400 mt-0.5 flex-shrink-0" />


     

       
668

       
+

       
								<div className="flex-1 space-y-1">


     

       
669

       
+

       
									<p className="text-xs font-semibold text-yellow-600 dark:text-yellow-400">


     

       
670

       
+

       
										Note about sites.wisp.place URLs


     

       
671

       
+

       
									</p>


     

       
672

       
+

       
									<p className="text-xs text-muted-foreground">


     

       
673

       
+

       
										Complex sites hosted on <code className="px-1 py-0.5 bg-background rounded text-xs">sites.wisp.place</code> may have broken assets if they use absolute paths (e.g., <code className="px-1 py-0.5 bg-background rounded text-xs">/folder/script.js</code>) in CSS or JavaScript files. While HTML paths are automatically rewritten, CSS and JS files are served as-is. For best results, use a wisp.place subdomain or custom domain, or ensure your site uses relative paths.


     

       
674

       
+

       
									</p>


     

       
675

       
+

       
								</div>


     

       
676

       
+

       
							</div>


     

       
677

       
+

       
						</div>


     

       
678

       
 

       
					</TabsContent>


     

       
679

       
 

       



     

       
680

       
 

       
					{/* Domains Tab */}


     
···

       
1618

       
 

       
													</div>


     

       
1619

       
 

       
												</div>


     

       
1620

       
 

       
												<p className="text-xs text-muted-foreground mt-2">


     

       
1621

       
+

       
													Note: Some DNS providers (like Cloudflare) flatten CNAMEs to A records - this is fine and won't affect verification.


     

       
1622

       
 

       
												</p>


     

       
1623

       
 

       
											</div>


     

       
1624

       
 

       
										</div>
+19 -3
src/lib/dns-verify.ts 
···

       
135

       
 

       
}


     

       
136

       
 

       



     

       
137

       
 

       
/**


     

       
138

       
-

       
 * Verify both TXT and CNAME records for a custom domain


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
139

       
 

       
 */


     

       
140

       
 

       
export const verifyCustomDomain = async (


     

       
141

       
 

       
	domain: string,


     

       
142

       
 

       
	expectedDid: string,


     

       
143

       
 

       
	expectedHash: string


     

       
144

       
 

       
): Promise<VerificationResult> => {


     

       

       

       
     

       
145

       
 

       
	const txtResult = await verifyDomainOwnership(domain, expectedDid)


     

       
146

       
 

       
	if (!txtResult.verified) {


     

       
147

       
 

       
		return txtResult


     

       
148

       
 

       
	}


     

       
149

       
 

       



     

       

       

       
     

       

       

       
     

       
150

       
 

       
	const cnameResult = await verifyCNAME(domain, expectedHash)


     

       

       

       
     

       

       

       
     

       
151

       
 

       
	if (!cnameResult.verified) {


     

       
152

       
-

       
		return cnameResult


     

       
153

       
 

       
	}


     

       
154

       
 

       



     

       
155

       
-

       
	return { verified: true }


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
156

       
 

       
}


     
···

       
135

       
 

       
}


     

       
136

       
 

       



     

       
137

       
 

       
/**


     

       
138

       
+

       
 * Verify custom domain using TXT record as authoritative proof


     

       
139

       
+

       
 * CNAME check is optional/advisory - TXT record is sufficient for verification


     

       
140

       
+

       
 *


     

       
141

       
+

       
 * This approach works with CNAME flattening (e.g., Cloudflare) where the CNAME


     

       
142

       
+

       
 * is resolved to A/AAAA records and won't be visible in DNS queries.


     

       
143

       
 

       
 */


     

       
144

       
 

       
export const verifyCustomDomain = async (


     

       
145

       
 

       
	domain: string,


     

       
146

       
 

       
	expectedDid: string,


     

       
147

       
 

       
	expectedHash: string


     

       
148

       
 

       
): Promise<VerificationResult> => {


     

       
149

       
+

       
	// TXT record is authoritative - it proves ownership


     

       
150

       
 

       
	const txtResult = await verifyDomainOwnership(domain, expectedDid)


     

       
151

       
 

       
	if (!txtResult.verified) {


     

       
152

       
 

       
		return txtResult


     

       
153

       
 

       
	}


     

       
154

       
 

       



     

       
155

       
+

       
	// CNAME check is advisory only - we still check it for logging/debugging


     

       
156

       
+

       
	// but don't fail verification if it's missing (could be flattened)


     

       
157

       
 

       
	const cnameResult = await verifyCNAME(domain, expectedHash)


     

       
158

       
+

       



     

       
159

       
+

       
	// Log CNAME status for debugging, but don't fail on it


     

       
160

       
 

       
	if (!cnameResult.verified) {


     

       
161

       
+

       
		console.log(`[DNS Verify] ⚠️  CNAME verification failed (may be flattened):`, cnameResult.error)


     

       
162

       
 

       
	}


     

       
163

       
 

       



     

       
164

       
+

       
	// TXT verification is sufficient


     

       
165

       
+

       
	return {


     

       
166

       
+

       
		verified: true,


     

       
167

       
+

       
		found: {


     

       
168

       
+

       
			txt: txtResult.found?.txt,


     

       
169

       
+

       
			cname: cnameResult.found?.cname


     

       
170

       
+

       
		}


     

       
171

       
+

       
	}


     

       
172

       
 

       
}