Request: ability to set xmlHttpRequest.withCredentials
See original GitHub issueDo you want to request a feature or report a bug? Feature
What is the current behavior?
xmlHttpRequest.withCredentials
takes on the default value (false
) and I can’t use Pusher auth calls to set cookies.
If the current behavior is a bug, please provide the steps to reproduce and if possible a minimal demo of the problem via https://jsfiddle.net or similar.
Example code:
const pusher = new Pusher(REACT_APP_PUSHER_KEY, {
cluster: REACT_APP_PUSHER_CLUSTER,
authEndpoint: `${REACT_APP_BACKEND_HOST}/pusher/auth/web`,
auth: {
headers: {},
params: {
// [irrelevant]
},
},
});
pusher.connect();
REACT_APP_BACKEND_HOST
is potentially on a different origin. When the backend sends
Set-Cookie: connect.sid=s%3AKjPBOeBYzc705H7vq4qnkSXPHV2zF1qi.x7N8w9e2sCc0Z2hQHeWaBy9b73M04gI0qi0WkY%2F%2BbYc; Path=/; Expires=Tue, 22 Sep 2020 03:11:57 GMT; HttpOnly
The cookie is not persisted in the browser.
What is the expected behavior?
Expose the internal xmlHttpRequest
config so I can set withCredentials = true
. I’m using this in the Web runtime.
Which versions of Pusher, and which browsers / OS are affected by this issue?
Did this work in previous versions of Pusher? If so, which?
This hasn’t been an option in the past to my knowledge. I’m using Pusher JS 6.0.3
.
I’ve seen the workarounds suggested in https://github.com/pusher/pusher-js/issues/62, but I’d rather not have to keep up with private API changes and I think this is a widely applicable use case! 🙂
Thank you so much!
Issue Analytics
- State:
- Created 3 years ago
- Reactions:5
- Comments:14 (5 by maintainers)
Top GitHub Comments
@leesio I think that makes perfect sense.
withCredentials
is all I need and it might make it easier with your cross-platform solutions!We can kind of already supply our own which is what I’m doing for now:
But a first-class option would be great. Thank you!
Just stumbled upon this issue myself. Having
includeCredentials: true,
would be really helpful. Thank you.