Introduction on CORS

Cross-origin resource sharing (CORS) is a mechanism that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served^[1]. The mechanism is implemented on browser-side or client-side, in which the controlling variables is implemented based on client request header and server response header. This mechanism is implemented on various mobile and desktop browser.^[2]^[3]Prior to CORS Implementation, cross-site browser request is not allowed.

CORS Implementation on Mediawiki API

Mediawiki has its own implementation of CORS^[4] and its implemented inside file includes/api/ApiMain.php. This implementation enable the Mediawiki site admin to put whitelist of the domains that allow to perform API function calls to Mediawiki API.

How to configure

Sample API Calls

↑ https://en.wikipedia.org/wiki/Cross-origin_resource_sharing
↑ https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#specifications
↑ https://hacks.mozilla.org/2009/07/cross-site-xmlhttprequest-with-cors/
↑ https://gerrit.wikimedia.org/r/c/mediawiki/core/+/9624/,Change Request on CORS at Jul 06, 2012

[1] ttps://en.wikipedia.org/wiki/Cross-origin_resource_sharing

[2] ttps://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#specifications

[3] ttps://hacks.mozilla.org/2009/07/cross-site-xmlhttprequest-with-cors/

[4] https://gerrit.wikimedia.org/r/c/mediawiki/core/+/9624/,Change Request on CORS at Jul 06, 2012

[1]

[2]

[3]

[4]

CORS On Mediawiki API

Contents

Introduction on CORS

CORS Implementation on Mediawiki API

How to configure

Sample API Calls

Navigation menu

CORS On Mediawiki API

Introduction on CORS

CORS Implementation on Mediawiki API

How to configure

Sample API Calls

Navigation menu

Search