- // If we're in JSON callback mode, no tokens can be obtained
- if ( !is_null( $this->getMain()->getRequest()->getVal( 'callback' ) ) ) {
- $this->dieUsage( 'Cannot create account when using a callback', 'aborted' );
+ // If we're in a mode that breaks the same-origin policy, no tokens can
+ // be obtained
+ if ( $this->lacksSameOriginSecurity() ) {
+ $this->dieUsage(
+ 'Cannot create account when the same-origin policy is not applied', 'aborted'
+ );