Platonides Platonides@gmail.com writes:
CORS does seem to be the way to go. I have drafted a new proposal below which attempts to fix several bug in our way of doing central login.
Would this allow CentralAuth to work with IE8 in the “medium” privacy mode? I haven't tried it, but https://bugzilla.wikimedia.org/27498 shows an example of someone frustrated with CentralAuth not working on IE8 with that privacy setting.
Mark.