MediaWiki API issue


I am trying to build out my GET request to the mediawiki api. I’m having some trouble getting it to get past the headers origin issue. It’s giving me a No ‘Access-Control-Allow-Origin’ header is present on the requested resource error.

Here is my pen, i’m figuring it’s something simple i’m not doing here…

I think you intend to run the code when the button is clicked.

As for the fetch itself,

  • Insert &origin=* in your URL
  • You can remove the myInit object
  • The fetch code should look like this:
.then(response => response.json())
.then(function(data) {
  // or whatever you want to do with the data

I’m having the same problem as @cperry24. What do you mean when you say to insert &origin=* in the url? Where is this coming from and what does that do?

It’s just another GET parameter that you add in the URL. Like*&format=json&list=search&srsearch=magic. The asterisk is not a placeholder; you type it in.

It is explained in the API sandbox.

When accessing the API using a cross-domain AJAX request (CORS), set this to the originating domain. This must be included in any pre-flight request, and therefore must be part of the request URI (not the POST body).

For authenticated requests, this must match one of the origins in the Origin header exactly, so it has to be set to something like or If this parameter does not match the Origin header, a 403 response will be returned. If this parameter matches the Origin header and the origin is whitelisted, the Access-Control-Allow-Origin and Access-Control-Allow-Credentials headers will be set.

For non-authenticated requests, specify the value *. This will cause the Access-Control-Allow-Origin header to be set, but Access-Control-Allow-Credentials will be false and all user-specific data will be restricted.

To be honest I don’t quite understand, but plugging in * seems to solve the CORS issue.

Awesome! Thanks for your help on this! :slight_smile:

Fixed my problem. Thanks.

How did you find the API parameters like list,srsearch.?