From dadbf7d9db43e393d95f6ea8ce14466bc1f66212 Mon Sep 17 00:00:00 2001
From: deathcap <deathcap@gmx.co.uk>
Date: Tue, 10 Feb 2015 01:36:20 -0800
Subject: [PATCH] Network access works - disable creds in XHR for wildcarded
 CORS proxies

You can now do things like:

npm.commands.view(['voxel-engine'])

and your browser will fetch information from the NPM registry,
via the CORS proxy.

Closes GH-1
Ref https://github.com/deathcap/voxel-plugins/issues/1
---
 demo.js | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/demo.js b/demo.js
index a85b829..8f43c04 100644
--- a/demo.js
+++ b/demo.js
@@ -28,6 +28,11 @@ var textReplacements = [
 
   // npm/node_modules/npm-registry-client/index.js
   [/client\[name\] = require\(entry\)/g, 'client[name] = window.npmRegistryClientRequire(entry)'],
+
+  // node_modules/npm/node_modules/request somewhere
+  // Disable credentials in XHR for CORS proxies with Access-Control-Allow-Origin: *
+  // TODO: surely a better way to make this change
+  [/params.withCredentials = true/g, 'params.withCredentials = false'],
 ];
 
 // Included file data for staticReadFileSync; this is similar to