Allow cross-site ajax with CORS.
Only allows un-credentialed (as in, no cookies or basic auth), no custom headers, and get (no post, put, delete, etc) requests.
This commit is contained in:
parent
c748933132
commit
1081b06bbe
@ -102,6 +102,7 @@ class ApiAction extends Action
|
||||
|
||||
function handle($args)
|
||||
{
|
||||
header('Access-Control-Allow-Origin: *');
|
||||
parent::handle($args);
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user