On Wed, 29 Aug 2012 12:03:05 -0700, Mark Holmquist
<[email protected]> wrote:
Has there been any discussion of CORS support in Mediawiki / WMF sites
anywhere?
There was some talk of it in bug 32890 [0] in UploadWizard, and I tried
to throw together code for it in a patchset [1], but I didn't spend much
time on it (the effort was mostly to put the code into a workable
patchset rather than just a snippet in a bug).
bawolff also commented on the patchset and linked to bug 20814 [2],
which is further discussion of the topic in broader strokes.
[0] https://bugzilla.wikimedia.org/show_bug.cgi?id=32890
[1] https://gerrit.wikimedia.org/r/#/c/9718/
[2] https://bugzilla.wikimedia.org/show_bug.cgi?id=20814
CORS will definitely be something we want to implement when
OAuth/SomethingLikeIt comes around.
JSONP is a horrid concept and we shouldn't encourage it's use.
And it's impossible to do write actions or proper OAuth over JSONP. So
CORS will be necessary for any pure-JS OAuth apps.
eg: 3rd party anti-spam web apps that let you open them up in your
browser, type in a wiki's url, connect with OAuth, and then make batch
cleanups, patrolling, etc...
--
~Daniel Friesen (Dantman, Nadir-Seen-Fire) [http://daniel.friesen.name]
_______________________________________________
Wikitech-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
