https://bugzilla.wikimedia.org/show_bug.cgi?id=60835
Web browser: --- Bug ID: 60835 Summary: Enable cross-domain Wikipedia API requests for everyone Product: Wikimedia Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: enhancement Priority: Unprioritized Component: Site requests Assignee: wikibugs-l@lists.wikimedia.org Reporter: eaton....@gmail.com CC: benap...@gmail.com, bugzilla+org.wikime...@tuxmachine.com, dereck...@espace-win.org, g...@wikimedia.org, tom...@twkozlowski.net, wikimedia.b...@snowolf.eu Classification: Unclassified Mobile Platform: --- I was hoping that the response from a GET request to Wikipedia's API[1] would include a CORS "Access-Control-Allow-Origin: *" header, so that it could be accessed by a client-side script running on any domain. I ended up using the JSONP response as a workaround, but this is less secure than cross-origin JSON, and shouldn't really be necessary now that browsers support CORS headers. Would it be possible to add an "Access-Control-Allow-Origin: *" header to the API's JSON responses? [1] https://en.wikipedia.org/w/api.php?action=query&list=categorymembers&cmlimit=max&cmtype=subcat&format=json&cmtitle=Category:Set_theory -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l