Embeddable widget: iframe integration and CDN storage.

Generates embed snippets (script and iframe variants) for embedding ticket booking on external websites. Includes host validation with wildcard domain support and Content-Security-Policy frame-ancestors headers.

Functions

f
appendIframeParam

Append iframe=true query param to a URL when in iframe mode

f
buildEmbedSnippets

Build embed snippets (script and iframe variants) for a ticket URL

f
buildFrameAncestors

Build a frame-ancestors CSP value from allowed embed hosts. Returns null if the list is empty (allow embedding from anywhere).

f
deleteAllEventStorageFiles

Delete all storage files (images and attachments) for a list of events

f
deleteImage

Delete an image from Bunny storage.

f
detectIframeMode

Detect iframe mode from a request URL and store it for the current request

f
detectImageType

Detect the actual image type from magic bytes. Returns the MIME type if matched, null otherwise.

f
downloadImage

Download and decrypt an image from Bunny storage. Uses the storage SDK directly (same as upload/delete) instead of a CDN pull zone URL, which requires a separate pull zone linked to the storage zone. Returns the decrypted image bytes, or null if the file does not exist.

f
generateAttachmentFilename

Generate a random CDN filename preserving the original name for readability

f
generateImageFilename

Generate a random filename with the correct extension

f
getIframeMode

Get the current request's iframe mode

f
getImageProxyUrl

Get the proxy URL path for serving a decrypted image. Images are encrypted on CDN, so they must be served through the proxy.

f
getMimeTypeFromFilename

Get the MIME type for an image filename from its extension.

f
isStorageEnabled

Check if image storage is enabled (both env vars are set)

f
parseEmbedHosts

Parse a comma-separated list of hosts into trimmed, lowercased entries. Filters out empty strings from trailing commas etc.

f
tryDeleteImage

Try to delete an image from CDN storage, logging errors on failure

f
uploadAttachment

Upload an attachment to Bunny storage. Encrypts the file bytes before uploading. Uses the provided filename (caller generates via generateAttachmentFilename). Returns the filename on success.

f
uploadImage

Upload an image to Bunny storage. Encrypts the image bytes before uploading. Returns the filename (without path) on success.

f
validateAttachment

Validate an attachment file: check size only (any file type allowed).

f
validateCustomDomain

Validate a custom domain (delegates to bunnyCdnApi for testability).

f
validateEmbedHosts

Validate a comma-separated list of host patterns. Returns null if all valid, or the first error message.

f
validateHostPattern

Validate a single host pattern Returns null if valid, or an error message if invalid

f
validateImage

Validate an image file: check MIME type, size, and magic bytes.

Type Aliases

T
AttachmentValidationError

Attachment validation error

T
AttachmentValidationResult

Attachment validation result

T
EmbedSnippets
No documentation available
T
ImageValidationError

Image validation error

T
ImageValidationResult

Image validation result

Variables

v
ATTACHMENT_ERROR_MESSAGES

User-facing messages for attachment validation errors

v
bunnyCdnApi

Stubbable API for testing

v
DOMAIN_PATTERN

Matches a valid hostname like "example.com" or "sub.example.com"

v
IMAGE_ERROR_MESSAGES

User-facing messages for image validation errors

v
MAX_ATTACHMENT_SIZE

Maximum attachment file size in bytes (25MB)

Usage

import * as mod from "docs/embed.ts";