wiki.techinc.nl

Thijs/wiki.techinc.nl

History

David Barratt c36b320454 Handle CORS preflight request and prevent anon users from unsafe methods Creates an OPTIONS handler that handles any OPTIONS requests that are not already handled by a handler. CORS has no mechanism to ensure the user is authenticated, so the Router will reject cross-origin requests from anon users. This change allows authenticated users to make cross-origin requests if they authenticate with OAuth or if $wgRestAllowCrossOriginCookieAuth is enabled. Bug: T232176 Bug: T262712 Change-Id: I128b4bdbec4f6bea35142153c951fd7b79617106	2020-09-21 19:29:40 -04:00
..
includes	Handle CORS preflight request and prevent anon users from unsafe methods	2020-09-21 19:29:40 -04:00
languages	Hooks::run() call site migration	2020-05-30 14:23:28 +00:00

David Barratt c36b320454

Handle CORS preflight request and prevent anon users from unsafe methods

Creates an OPTIONS handler that handles any OPTIONS requests that are
not already handled by a handler. CORS has no mechanism to ensure the
user is authenticated, so the Router will reject cross-origin requests
from anon users.

This change allows authenticated users to make cross-origin
requests if they authenticate with OAuth or if
$wgRestAllowCrossOriginCookieAuth is enabled.

Bug: T232176
Bug: T262712
Change-Id: I128b4bdbec4f6bea35142153c951fd7b79617106

2020-09-21 19:29:40 -04:00

includes

Handle CORS preflight request and prevent anon users from unsafe methods

2020-09-21 19:29:40 -04:00

languages

Hooks::run() call site migration

2020-05-30 14:23:28 +00:00