Hello,
I'm seeing an issue with VE on a MW system that uses a remote SSO. While MW itself work well with the SSO, VE has the following issue:
* SSO session expires (unknown to the client) * Client attempts to edit a page using VE * VE tries to contact the API via javascript * Server redirect client to SSO for revalidation * SSO refuses to process request due to the following error - "... blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource." * Client gets VE "Something Went Wrong" message
Ref: https://www.mediawiki.org/wiki/Topic:V2qh378y0tj83so8 * SSO cannot be configured to change CORS policy
Can VE be updated to meet the SSO CORS Policy?
/Rich
mediawiki-l@lists.wikimedia.org