Manual:Hooks/RequestHasSameOriginSecurity
Appearance
RequestHasSameOriginSecurity | |
---|---|
Available from version 1.27.0 Called to determine if the request is somehow flagged to lack same-origin security. | |
Define function: | public static function onRequestHasSameOriginSecurity( WebRequest $request ) { ... }
|
Attach hook: | In extension.json:
{
"Hooks": {
"RequestHasSameOriginSecurity": "MediaWiki\\Extension\\MyExtension\\Hooks::onRequestHasSameOriginSecurity"
}
}
|
Called from: | File(s): api/ApiMain.php Function(s): lacksSameOriginSecurity |
Interface: | RequestHasSameOriginSecurityHook.php |
For more information about attaching hooks, see Manual:Hooks .
For examples of extensions using this hook, see Category:RequestHasSameOriginSecurity extensions.
Return false to indicate that the same-origin security is somehow lacked. Note if the "somehow" involves HTTP headers, you'll probably need to make sure the header is varied on.
This hook was added in a security patch and thus not available on Gerrit. It was added in https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/core/+/9ec1ef7308acc0366e92f8e6af10ce3cb22b5065%5E%21/.
Details
[edit]$request
: The WebRequest object.