Manual:$wgAllowCrossOrigin
| Security: $wgAllowCrossOrigin | |
|---|---|
| Allow anonymous cross origin requests to the REST API. |
|
| Introduced in version: | 1.36.0 (Gerrit change 608190; git #ab06b056) |
| Removed in version: | Still in use |
| Allowed values: | (boolean) |
| Default value: | false |
| Other settings: Alphabetical | By function | |
Details
[edit]Allow anonymous cross origin requests to the REST API.
This should be disabled for intranet sites (sites behind a firewall).