Closed hashar closed 1 year ago
We need the API to emit Access-Control-Allow-Origin: * to allow downstream usage in JavaScript application. For example the integration with https://gerrit.wikimedia.org/. Without it, the browser complains with:
Access-Control-Allow-Origin: *
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://patchdemo.wmflabs.org/api.php?action=findwikis&change=922162. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).
Part of #285 Follow-up #537
Bug: https://phabricator.wikimedia.org/T332474
Deployed.
We need the API to emit
Access-Control-Allow-Origin: *
to allow downstream usage in JavaScript application. For example the integration with https://gerrit.wikimedia.org/. Without it, the browser complains with:Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://patchdemo.wmflabs.org/api.php?action=findwikis&change=922162. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).
Part of #285 Follow-up #537
Bug: https://phabricator.wikimedia.org/T332474