In RESTBase, the example config files (like config.example.yaml in the root directory) contains this code:
x-sub-request-filters:
- type: default
name: http
options:
allow:
- pattern: http://localhost/w/api.php
forward_headers: true
- pattern: http://localhost:8142
forward_headers: true
- pattern: /^https?:\/\//
What’s exactly this code for?
Apparently this is some sort of outgoing request filtering, per https://gerrit.wikimedia.org/r/#/c/277836/ (the general documentation of RESTBase is very poor) but I’m not sure how to configure it properly. Are they public-facing URLs or internal requests (RESTBase<->Parsoid)? Because localhost
may not be correct in this case.
I’ve tried to comment-out the contents of the allow
section but leaving just one random URL, and VisualEditor saves just fine. Is this configuration actually doing anything? Or do I need to enable something?