Configure custom fetch options (so can pass cookies/custom headers, etc.)
In server library:
when streaming make so inherits "Access-Control-Allow-Origin" header from CORs/app rather than from the data streamer.
On server implementation:
Add ability to get authorized user from the cookie that CorpSecure sets in lower level envs.
Explicitly add requireRequestOrigin() and requireValidIpAddress() middleware and logic to add these to the conversation custom data b/c the new functionality to get the auth user overrides the defaults which used these.
Todos:
[x] Test to make sure adding authUser from cookie works
However, the staging site that sits behind CDN + firewall will not work for this functionality (https://knowledge.staging.corp.mongodb.com/). This site isn't behind CorpSecure, just IP-restricted firewall.
Jira: https://jira.mongodb.org/browse/EAI-206
Changes
In UI library:
In server library:
"Access-Control-Allow-Origin"
header from CORs/app rather than from the data streamer.On server implementation:
requireRequestOrigin()
andrequireValidIpAddress()
middleware and logic to add these to the conversation custom data b/c the new functionality to get the auth user overrides the defaults which used these.Todos:
Notes