Page MenuHomePhabricator

Enable CORS on webserver for
Closed, ResolvedPublic


I'm making a web-based tool that makes a web request to a CSV file at — however, because that webserver hasn't enabled CORS (cross-origin resource sharing), most browsers can't fetch the file.

To see this, open your browser to any URL (like, then open the JavaScript Console, and type in the following:

fetch('').then(res => res.json()).then(x => console.log(x))

Firefox for example will tell you, "Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). TypeError: NetworkError when attempting to fetch resource."

Assuming Wikistats, the Cloud team, and the Wikimedia Foundation *do* indeed want this data to be loadable by JavaScript running on any domain, the standard way to fix this is to add the "Access-Control-Allow-Origin: *" header to all responses sent by the webserver. More detail is available at

Event Timeline

Aldebrn created this task.Mar 8 2018, 3:16 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMar 8 2018, 3:16 AM
Aldebrn updated the task description. (Show Details)Mar 8 2018, 3:17 AM
Aldebrn updated the task description. (Show Details)
Dzahn added a subscriber: Dzahn.Jun 16 2018, 7:07 AM

This should have been resolved in T193094

Dzahn closed this task as Resolved.Jun 16 2018, 7:10 AM
Dzahn claimed this task.

please reopen if for any reason there is still an issue, but i believe it was a duplicate of the ticket above