pinafore/docs/Admin-Guide.md

1.3 KiB

Admin Guide

This guide is for instance admins who may be having trouble with Pinafore compatibility.

By default, Mastodon allows cross-origin access to the /api endpoint. Thus Pinafore should "just work" for most Mastodon servers.

If the nginx/Apache settings have been changed, though, then Pinafore might not be able to connect to an instance. To check if the instance is supported, run this command (replacing myinstance.com with your instance URL):

curl -sLv -H 'Origin: https://pinafore.social' -o /dev/null \
  myinstance.com/api/v1/instance

If you see this in the output:

Access-Control-Allow-Origin: *

Then Pinafore should work as expected!

Otherwise, if the instance admin would like to whitelist only certain websites (including Pinafore) to work with CORS, then they will need to make sure that the server echoes:

Access-Control-Allow-Origin: https://pinafore.social

when Pinafore tries to access it. Note that this is a bit complicated to configure (compared to the simpler * approach), but there are instructions on StackOverflow for nginx, Apache, and other servers.