Manual:$wgAllowCrossOrigin/pl

Szczegóły
Allow anonymous cross origin requests.

This should be disabled for intranet sites (sites behind a firewall).