Last modified: 2011-09-07 16:40:46 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T32802, the corresponding Phabricator task for complete and up-to-date bug report information.
Bug 30802 - Enable CORS on unauthenticated API requests
Enable CORS on unauthenticated API requests
Status: RESOLVED DUPLICATE of bug 20814
Product: MediaWiki
Classification: Unclassified
API (Other open bugs)
All All
: Unprioritized enhancement (vote)
: ---
Assigned To: Nobody - You can work on this!
Depends on:
  Show dependency treegraph
Reported: 2011-09-07 16:01 UTC by Tom Morris
Modified: 2011-09-07 16:40 UTC (History)
5 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Description Tom Morris 2011-09-07 16:01:53 UTC
CORS support has been requested in previous related bugzilla bugs including bug 20814, bug 28700 and bug 20298.

The MediaWiki API could be used by third-party JavaScript tools a lot easier if it could return data cross-domain to Ajax users without them having to run proxies or use Flash/crossdomain.xml hacks and other such things.

The solution is simple: for HTTP GET-based, non-authenticated API requests, add the following header to the response.

Access-Control-Allow-Origin: *

More details about CORS:
Comment 1 Roan Kattouw 2011-09-07 16:40:46 UTC
This is exactly what bug 20814 is about. Marking as duplicate.

*** This bug has been marked as a duplicate of bug 20814 ***

Note You need to log in before you can comment on or make changes to this bug.