Open main menu


This page is a translated version of the page Manual:$wgCrossSiteAJAXdomains and the translation is 0% complete.

Other languages:
Bahasa Indonesia • ‎English • ‎français • ‎magyar • ‎polski • ‎中文 • ‎日本語
API: $wgCrossSiteAJAXdomains
Domains that may make cross-site Ajax requests to the MediaWiki API.
Introduit dans la version :1.16.0 (r54127)
Retiré dans la version :Encore utilisé
Valeurs autorisées :(array)
Valeur par défaut :[]


Allows Ajax requests from certain domains to make cross-site requests to a wiki's API (see Manuel:CORS/fr for example usage). This uses the Access-Control-Allow-Origin HTTP header. Note that some older browsers don't support this. This only affects requests to the API. Other entry points (index.php) are not affected.

The value must be a list of allowed domain names, which can include shell-style wildcards (? to match any character, * to match any number (including zero) of characters). An empty array means no external access is allowed.

Some examples:

Allow any domain to access the API via Ajax:

$wgCrossSiteAJAXdomains = array( '*' );

Allow two specific domains:

$wgCrossSiteAJAXdomains = array( '', '' );

Allow all subdomains of a domain (including "deep" subdomains such as

$wgCrossSiteAJAXdomains = array( '*' );

See gerrit:9624 for a usage example.

See also