Expected behavior
To comply with the User Agent policy, clients that cannot set the User-Agent header are "encouraged" to set the Api-User-Agent header. To support this, I would like to include the Api-User-Agent header in the JavaScript examples in the MediaWiki REST API. For example:
async function doFetch() { const rsp = await fetch( "https://en.wikipedia.org/w/rest.php/v1/search/page?q=jupiter&limit=20", { headers: { 'Api-User-Agent': 'MediaWiki REST API docs examples/0.1 (https://www.mediawiki.org/wiki/API_talk:REST_API)', } } ); const data = await rsp.json(); return data; }
Observed behavior
The example above gives the error:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://en.wikipedia.org/w/rest.php/v1/search/page?q=jupiter&limit=20. (Reason: header ‘api-user-agent’ is not allowed according to header ‘Access-Control-Allow-Headers’ from CORS preflight response). Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://en.wikipedia.org/w/rest.php/v1/search/page?q=jupiter&limit=20. (Reason: CORS request did not succeed). NetworkError when attempting to fetch resource.
This was originally identified by @Lucas_Werkmeister_WMDE in T268791#7066560
Proposal
Allow the Api-User-Agent header in MediaWiki REST API requests, similar to T76340: API CORS preflight response should allow Api-User-Agent header