Consider changing Request.credentials from same-origin to include #38

jcbpl · 2018-07-13T16:27:43Z

I'm interested in deploying graphiql-workspace so that it could be used to call multiple authenticated graphql endpoints that run on subdomains of my company's TLD. Currently, the implementation of fallbackFetcher precludes this because it calls fetch with credentials: 'same-origin' instead of credentials: 'include':

graphiql-workspace/src/GraphiQLTab.jsx

Line 535 in 967c3d5

credentials: 'same-origin',

Would there be any objection to changing same-origin to include? (FWIW, that's what the reference example in the graphiql repo does.)

Alternatively, if the use of same-origin is deliberate, would it be possible to make it a configuration option?

Thanks!

The text was updated successfully, but these errors were encountered:

OlegIlyenko · 2018-07-17T22:07:19Z

I'm not an expert on CORS, but I think include has it's own set of issues: #27 (the original PR that chnaged it to same-origin).

I don't mind parametrizing it though. Would you like to make a PR?

jcbpl · 2018-07-18T20:59:05Z

Ah, got it. Yep, I'll open a PR.

jcbpl mentioned this issue Jul 18, 2018

Support passing credentials option to appConfig.bootstrapOptions #39

Merged

OlegIlyenko closed this as completed in #39 Jul 18, 2018

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Consider changing Request.credentials from same-origin to include #38

Consider changing Request.credentials from same-origin to include #38

jcbpl commented Jul 13, 2018

OlegIlyenko commented Jul 17, 2018 •

edited

Loading

jcbpl commented Jul 18, 2018

Consider changing Request.credentials from same-origin to include #38

Consider changing Request.credentials from same-origin to include #38

Comments

jcbpl commented Jul 13, 2018

OlegIlyenko commented Jul 17, 2018 • edited Loading

jcbpl commented Jul 18, 2018

OlegIlyenko commented Jul 17, 2018 •

edited

Loading