From b6b7fe27b6c058529552d6748519ce415c55612c Mon Sep 17 00:00:00 2001
From: Anthony Wang <ta180m@proton.me>
Date: Mon, 13 Jun 2022 15:39:20 -0500
Subject: [PATCH] WebFinger: Add CORS header and fix Href -> Template for
 remote interactions

The CORS header is needed due to https://datatracker.ietf.org/doc/html/rfc7033#section-5 and fixes some Peertube <-> Gitea federation issues
---
 routers/web/webfinger.go | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/routers/web/webfinger.go b/routers/web/webfinger.go
index 80f464e0ed..0b65c2eb69 100644
--- a/routers/web/webfinger.go
+++ b/routers/web/webfinger.go
@@ -29,6 +29,7 @@ type webfingerLink struct {
 	Rel        string                 `json:"rel,omitempty"`
 	Type       string                 `json:"type,omitempty"`
 	Href       string                 `json:"href,omitempty"`
+	Template   string                 `json:"template,omitempty"`
 	Titles     map[string]string      `json:"titles,omitempty"`
 	Properties map[string]interface{} `json:"properties,omitempty"`
 }
@@ -109,10 +110,11 @@ func WebfingerQuery(ctx *context.Context) {
 		},
 		{
 			Rel:  "http://ostatus.org/schema/1.0/subscribe",
-			Href: appURL.String() + "api/v1/authorize_interaction?uri={uri}",
+			Template: appURL.String() + "api/v1/authorize_interaction?uri={uri}",
 		},
 	}
 
+	ctx.Resp.Header().Add("Access-Control-Allow-Origin", "*")
 	ctx.JSON(http.StatusOK, &webfingerJRD{
 		Subject: fmt.Sprintf("acct:%s@%s", url.QueryEscape(u.Name), appURL.Host),
 		Aliases: aliases,