Lucas_Werkmeister_WMDE added a comment.
Yes, I was hoping that `origin=*` might still support authenticated requests with an `Authorization` header. But it looks like it doesn’t work: `$AllowedCorsHeaders` doesn’t include `Authorization` by default; and even if I added it locally, the request still ends up as anonymous. TASK DETAIL https://phabricator.wikimedia.org/T323615 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: Lucas_Werkmeister_WMDE Cc: Lucas_Werkmeister_WMDE, Aklapper, RPI2026F1, Astuthiodit_1, Atieno, karapayneWMDE, Invadibot, DAbad, maantietaja, ItamarWMDE, Akuckartz, Nandana, Lahi, Gq86, GoranSMilovanovic, QZanden, LawExplorer, _jensen, rosalieper, Scott_WUaS, Wikidata-bugs, aude, Mbch331
_______________________________________________ Wikidata-bugs mailing list -- [email protected] To unsubscribe send an email to [email protected]
