c896eaa8ae
Site administrators can configure site.allowOriginRegex to allow web applications hosted on other sites to make XHR calls to read from Gerrit's REST API. This supports creating mashups within an organization by blessing sibling sites to access Gerrit to read change data or search results. Mutation APIs (PUT, POST, DELETE) are currently rejected by not granting permission to use these methods, nor to send the X-Gerrit-Auth request header required for XSRF protection. Change-Id: I90860e619b9d4a3ff9fa2e010cd648a132f56a27 |
||
|---|---|---|
| .. | ||
| src | ||
| BUCK | ||
| BUILD | ||