AnalogManDigitalKid
Yrlish
/ cf-worker-proton-wkd.js
Last active
July 20, 2025 19:09
CloudFlare worker proxy for ProtonMail WKD
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // 1. Create a worker in the dashboard and paste the following code into it | |
| // 2. Replace all references to example.com to your domain, add more domains if needed | |
| // 3. Deploy the worker | |
| // 4. Setup routes in the dashboard for: | |
| // - example.com/.well-known/openpgpkey/* | |
| // - openpgpkey.example.com/.well-known/openpgpkey/* | |
| // - (apply above for additional domains too) | |
| // 5. Verify that it is working with https://metacode.biz/openpgp/web-key-directory | |
| export default { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // This worker is designed to be able to neatly handle MTA-STS policies for multiple domains. | |
| // Make a new worker with this script and add your domains to the stsPolicies dict like the example. | |
| // Add a DNS AAAA record for mta-sts.yourdomain.com pointing to 100:: and set to proxied, | |
| // then add a workers route for mta-sts.yourdomain.com/* pointing to this worker. | |
| // You should probably also create a Cloudflare configuration rule disabling Browser Integrity Check for the mta-sts subdomain | |
| // to ensure MTAs aren't blocked from retrieving your policy. | |
| // You'll still need to manually add the appropriate _mta-sts.yourdomain.com TXT record to enable the policy, |