Manual:$wgCrossSiteAJAXdomains/ja

詳細
Allows Ajax requests from certain domains to make cross-site requests to a wiki's API (see for example usage). これは Access-Control-Allow-Origin HTTP ヘッダーを使用します. Note that some older browsers don't support this. This only affects requests to the API. Other entry points (index.php) are not affected.

The value must be a list of allowed domain names, which can include shell-style wildcards ( to match any character,   to match any number (including zero) of characters). An empty array means no external access is allowed.

Some examples:

Allow any domain to access the API via Ajax (This is insecure):

Allow two specific domains:

Allow all subdomains of a domain (including "deep" subdomains such as ):

使用例は 9624 を参照してください.