We should add a simple handler for cases where you may want to front the application with a reverse proxy server such as Caddy or tlstunnel.
Caddy works by sending a request to a specified URL path with the query string ?domain=example.org and if a 200 response is returned, it's accepted. If it's 400, (or any non 200 range status) it's rejected.
tlstunnel by calling an external program (validate_command setting) and if exit code is 0 the domain is accepted, otherwise rejected.
Would be easy enough to write a handler that just wraps existing domain verification (Caddy) and also a simple CLI app to call this route for use in tlstunnel.
Peter Sanchez referenced this ticket in commit a785107.
Peter Sanchez referenced this ticket in commit 4969ca7.
Peter Sanchez referenced this ticket in commit f66dea4.