https://bugzilla.wikimedia.org/show_bug.cgi?id=30802
Web browser: --- Bug #: 30802 Summary: Enable CORS on unauthenticated API requests Product: MediaWiki Version: unspecified Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: Unprioritized Component: API AssignedTo: wikibugs-l@lists.wikimedia.org ReportedBy: t...@tommorris.org CC: bryan.tongm...@gmail.com, roan.katt...@gmail.com, s...@reedyboy.net, soxre...@gmail.com Classification: Unclassified CORS support has been requested in previous related bugzilla bugs including bug 20814, bug 28700 and bug 20298. The MediaWiki API could be used by third-party JavaScript tools a lot easier if it could return data cross-domain to Ajax users without them having to run proxies or use Flash/crossdomain.xml hacks and other such things. The solution is simple: for HTTP GET-based, non-authenticated API requests, add the following header to the response. Access-Control-Allow-Origin: * More details about CORS: http://enable-cors.org/ http://www.html5rocks.com/en/tutorials/file/xhr2/ http://www.w3.org/TR/cors/ -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l