Thread:Talk:Requests for comment/Alternative Commons Domains/This should no longer be needed

CORS API requests from Wikipedia to Commons may now use the "centralauthtoken" API parameter (implemented in ) to bypass the not-logged-in issues raised. This was merged on May 30 and therefore has probably deployed since 1.22wmf6. It appears that MobileFrontend has the ability to use this since.

The SUL2 work which will be deployed soon should improve the situation for web UI accesses, too. The "login handshake" hack mentioned here can probably be removed.