Bawolff added a comment.
Reading https://meta.wikimedia.org/w/api.php?action=help&modules=shortenurl - doesn't seem to require a CSRF token, so I'm not sure that CORS is needed here? (more specifically, you can use the generic origin=* I think). Although query.wikidata.org is fairly trusted, its still nice to reduce exposure by limiting CORS in places that don't strictly need it. TASK DETAIL https://phabricator.wikimedia.org/T218568 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: Bawolff Cc: Bawolff, Aklapper, Lucas_Werkmeister_WMDE, alaa_wmde, ET4Eva, Nandana, sbassett, Lahi, Gq86, Darkminds3113, GoranSMilovanovic, Jayprakash12345, QZanden, EBjune, HJiang-WMF, Zoranzoki21, merbst, LawExplorer, Avner, DatGuy, Devwaker, Niklitov, Gehel, _jensen, Urbanecm, rosalieper, JEumerus, Jonas, Ananthsubray, FloNight, Xmlizer, dpatrick, Tulsi_Bhagat, Wong128hk, Luke081515, SimmeD, jkroll, Smalyshev, Wikidata-bugs, Jdouglas, Snowolf, aude, Tobias1984, GWicke, Dcljr, Stype_and_Co.-WMF, Manybubbles, Jalexander, Parent5446, Anomie, Grunny, Jdforrester-WMF, MaxSem, csteipp, Matanya, Mbch331, Rxy, Jay8g, Krenair, Legoktm, chasemp
_______________________________________________ Wikidata-bugs mailing list Wikidata-bugs@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs