[Bug 30802] New: Enable CORS on unauthenticated API requests

bugzilla-daemon Wed, 07 Sep 2011 09:02:13 -0700

https://bugzilla.wikimedia.org/show_bug.cgi?id=30802


       Web browser: ---
             Bug #: 30802
           Summary: Enable CORS on unauthenticated API requests
           Product: MediaWiki
           Version: unspecified
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: enhancement
          Priority: Unprioritized
         Component: API
        AssignedTo: wikibugs-l@lists.wikimedia.org
        ReportedBy: t...@tommorris.org
                CC: bryan.tongm...@gmail.com, roan.katt...@gmail.com,
                    s...@reedyboy.net, soxre...@gmail.com
    Classification: Unclassified


CORS support has been requested in previous related bugzilla bugs including bug
20814, bug 28700 and bug 20298.

The MediaWiki API could be used by third-party JavaScript tools a lot easier if
it could return data cross-domain to Ajax users without them having to run
proxies or use Flash/crossdomain.xml hacks and other such things.

The solution is simple: for HTTP GET-based, non-authenticated API requests, add
the following header to the response.

Access-Control-Allow-Origin: *

More details about CORS:
http://enable-cors.org/
http://www.html5rocks.com/en/tutorials/file/xhr2/
http://www.w3.org/TR/cors/

-- 
Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are on the CC list for the bug.

_______________________________________________
Wikibugs-l mailing list
Wikibugs-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l

[Bug 30802] New: Enable CORS on unauthenticated API requests

Reply via email to