Closed Rudokhvist closed 4 years ago
Update: It seems to work without this PR in Chrome, but not in Firefox.
That's odd. I cannot reproduce any problems in Firefox.
Also, according to documentation {credentials: 'same-origin'}
is used by default.
By default,
fetch
won't send or receive any cookies from the server, resulting in unauthenticated requests if the site relies on maintaining a user session (to send cookies, the credentials init option must be set). Since Aug 25, 2017. The spec changed the default credentials policy tosame-origin
. Firefox changed since 61.0b13.
https://developer.mozilla.org/en-US/docs/Web/API/Fetch_API/Using_Fetch
So right now, as I see, cookies sent even without setting init option. Can you confirm the otherwise or provide more info about a problem? Have you tried to relogin? Maybe it's somehow related to poor session mechanic at Alienware Arena site.
I will try to test it further then.
Have you tried to relogin? Maybe it's somehow related to poor session mechanic at Alienware Arena site.
It may be. I will try it too.
So, I found why I had an issue with credentials. It's actually stated in your previous comment:
Since Aug 25, 2017. The spec changed the default credentials policy to same-origin. Firefox changed since 61.0b13.
At work I'm using Firefox ESR (it's installed by default by corporate system administrators), and it has version 60.9.0esr, i.e. prior to changes in fetch
credentials policy. Latest Firefox, both stable and developers versions, works as expected.
I would still suggest to merge this PR, as it should not bring any regressions, but in rare cases of browsers with older default credentials policy it can be actually useful. But it's up to you of course.
it should not bring any regressions, but in rare cases of browsers with older default credentials policy it can be actually useful.
This.
To get badges (and borders) data from /account/personalization we need to provide credentials.