Manual:$wgRestAllowCrossOriginCookieAuth/ru

From Linux Web Expert

The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
<translate> Security</translate>: $wgRestAllowCrossOriginCookieAuth
Allows authenticated cross-origin requests to the REST API with session cookies.
<translate> Introduced in version:</translate>1.36.0 (Gerrit change 621900; git #c36b3204)
<translate> Removed in version:</translate><translate> still in use</translate>
<translate> Allowed values:</translate>(boolean)
<translate> Default value:</translate>false

Details

Allows authenticated cross-origin requests to the REST API with session cookies.

With this option enabled, any origin specified in $wgCrossSiteAJAXdomains may send session cookies for authorization in the REST API.

There is a performance impact by enabling this option. Therefore, it should be left disabled for most wikis and clients should instead use OAuth to make cross-origin authenticated requests.

См. также