dépôts / lhc / web / wiklou.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
New convenience method ApiBase::lacksSameOriginSecurity()
[lhc/web/wiklou.git] / includes / api / ApiCreateAccount.php
diff --git a/includes/api/ApiCreateAccount.php b/includes/api/ApiCreateAccount.php
index a7ba48a..b56a244 100644 (file)
--- a/includes/api/ApiCreateAccount.php
+++ b/includes/api/ApiCreateAccount.php
@@ -29,9 +29,12 @@
  */
 class ApiCreateAccount extends ApiBase {
        public function execute() {
-               // If we're in JSON callback mode, no tokens can be obtained
-               if ( !is_null( $this->getMain()->getRequest()->getVal( 'callback' ) ) ) {
-                       $this->dieUsage( 'Cannot create account when using a callback', 'aborted' );
+               // If we're in a mode that breaks the same-origin policy, no tokens can
+               // be obtained
+               if ( $this->lacksSameOriginSecurity() ) {
+                       $this->dieUsage(
+                               'Cannot create account when the same-origin policy is not applied', 'aborted'
+                       );
                }
 
                // $loginForm->addNewaccountInternal will throw exceptions
Wiklou, le Wiki du Wiklou