Embeddable widget: iframe integration and CDN storage.
Generates embed snippets (script and iframe variants) for embedding ticket booking on external websites. Includes host validation with wildcard domain support and Content-Security-Policy frame-ancestors headers.
Append iframe=true query param to a URL when in iframe mode
Build embed snippets (script and iframe variants) for a ticket URL
Build a frame-ancestors CSP value from allowed embed hosts. Returns null if the list is empty (allow embedding from anywhere).
Build the full subdomain record name (user choice + suffix). e.g. "myevent" + ".tickets" → "myevent.tickets"
Delete all storage files (images and attachments) for a list of events
Delete the image and attachment files for a single event
Delete a file, routing to local or Bunny based on config.
Upload and publish new script code to Bunny CDN.
Detect iframe mode from a request URL and store it for the current request
Detect the actual image type from magic bytes. Returns the MIME type if matched, null otherwise.
Download and decrypt a file. Returns the decrypted bytes, or null if the file does not exist.
Download raw bytes from storage. Returns null if the file does not exist.
Generate a random CDN filename preserving the original name for readability
Generate a random filename with the correct extension
Get CDN hostname (delegates to bunnyCdnApi for testability).
Get the current request's iframe mode
Get the proxy URL path for serving a decrypted image. Images are encrypted on CDN, so they must be served through the proxy.
Get the MIME type for an image filename from its extension.
Returns which storage backend is active: "bunny", "local", or "none".
Check if image storage is enabled (Bunny CDN or local filesystem).
List files in storage matching a prefix
Parse a comma-separated list of hosts into trimmed, lowercased entries. Filters out empty strings from trailing commas etc.
Register a bunny subdomain (DNS + CDN).
Run fn with an isolated storage configuration (test-only).
Try to delete a file from storage, logging errors on failure
Upload an attachment to Bunny storage. Encrypts the file bytes before uploading. Uses the provided filename (caller generates via generateAttachmentFilename). Returns the filename on success.
Upload an image to Bunny storage. Encrypts the image bytes before uploading. Returns the filename (without path) on success.
Upload raw bytes to storage, routing to local or Bunny based on config
Validate an attachment file: check size only (any file type allowed).
Validate a custom domain (delegates to bunnyCdnApi for testability).
Validate a comma-separated list of host patterns. Returns null if all valid, or the first error message.
Validate a single host pattern Returns null if valid, or an error message if invalid
Validate an image file: check MIME type, size, and magic bytes.
Attachment validation error
| { valid: false; error: AttachmentValidationError; }
Attachment validation result
Image validation error
User-facing messages for attachment validation errors
Matches a valid hostname like "example.com" or "sub.example.com"
User-facing messages for image validation errors
Maximum attachment file size in bytes (default: 25MB)
Usage
import * as mod from "docs/embed.ts";