Translations:Manual:$wgCrossSiteAJAXdomains/12/en

Allow any domain to access the API via Ajax (This is insecure):