X-Git-Url: http://git.cyclocoop.org/?a=blobdiff_plain;f=resources%2Fsrc%2Fmediawiki%2FForeignApi.js;h=1a3cdd5a3f4451c0c336844690857d62d3e4c5d7;hb=e166ba2abd240abed62b4f93bd9c9d4eeb72fa64;hp=899daa57a4ed001742c9a420abe2f852f6ab6787;hpb=6a8de1f1aa0bcdbf9385a4f9a01a4ef3bb70be57;p=lhc%2Fweb%2Fwiklou.git

diff --git a/resources/src/mediawiki/ForeignApi.js b/resources/src/mediawiki/ForeignApi.js
index 899daa57a4..1a3cdd5a3f 100644
--- a/resources/src/mediawiki/ForeignApi.js
+++ b/resources/src/mediawiki/ForeignApi.js
@@ -35,6 +35,9 @@
 	 * @constructor
 	 * @param {string|mw.Uri} url URL pointing to another wiki's `api.php` endpoint.
 	 * @param {Object} [options] See mw.Api.
+	 * @param {Object} [options.anonymous=false] Perform all requests anonymously. Use this option if
+	 *     the target wiki may otherwise not accept cross-origin requests, or if you don't need to
+	 *     perform write actions or read restricted information and want to avoid the overhead.
 	 *
 	 * @author Bartosz Dziewoński
 	 * @author Jon Robson
@@ -45,13 +48,14 @@
 		}
 
 		this.apiUrl = String( url );
+		this.anonymous = options && options.anonymous;
 
-		options = $.extend( /*deep=*/ true,
+		options = $.extend( /* deep=*/ true,
 			{
 				ajax: {
 					url: this.apiUrl,
 					xhrFields: {
-						withCredentials: true
+						withCredentials: !this.anonymous
 					}
 				},
 				parameters: {
@@ -76,7 +80,11 @@
 	 * @return {string}
 	 */
 	CoreForeignApi.prototype.getOrigin = function () {
-		var origin = location.protocol + '//' + location.hostname;
+		var origin;
+		if ( this.anonymous ) {
+			return '*';
+		}
+		origin = location.protocol + '//' + location.hostname;
 		if ( location.port ) {
 			origin += ':' + location.port;
 		}