Toggle search
Toggle menu
17
222
4
1.4K
UnfinishedProjects
Toggle preferences menu
Toggle personal menu
Not logged in
Your IP address will be publicly visible if you make any edits.
   
       🚧 True to our name, this project is still not quite finished. 🚧
   
   You’re welcome to explore, but account registration is currently invite-only as we finalize the setup. 
   Join our forum or follow Mastodon for updates. 
   Wiki registration will be available soon!

MediaWiki:Apihelp-main-param-crossorigin

MediaWiki interface page
More actions

When accessing the API using a cross-domain AJAX request (CORS) and using a session provider that is safe against cross-site request forgery (CSRF) attacks (such as OAuth), use this instead of origin=* to make the request authenticated (i.e., not logged out). This must be included in any pre-flight request, and therefore must be part of the request URI (not the POST body).

Note that most session providers, including standard cookie-based sessions, do not support authenticated CORS and cannot be used with this parameter.

Retrieved from "https://unfinishedprojects.net/wiki/MediaWiki:Apihelp-main-param-crossorigin"