fix: Pass credentials with API requests when required to work with Cloudflare Access (#1867)
This commit is contained in:
parent
0d88a1dfda
commit
e2d7d34f30
|
@ -1,6 +1,7 @@
|
|||
// @flow
|
||||
import invariant from "invariant";
|
||||
import { map, trim } from "lodash";
|
||||
import { getCookie } from "tiny-cookie";
|
||||
import stores from "stores";
|
||||
import download from "./download";
|
||||
import {
|
||||
|
@ -18,6 +19,11 @@ type Options = {
|
|||
baseUrl?: string,
|
||||
};
|
||||
|
||||
// authorization cookie set by a Cloudflare Access proxy
|
||||
const CF_AUTHORIZATION = getCookie("CF_Authorization");
|
||||
// if the cookie is set, we must pass it with all ApiClient requests
|
||||
const CREDENTIALS = CF_AUTHORIZATION ? "same-origin" : "omit";
|
||||
|
||||
class ApiClient {
|
||||
baseUrl: string;
|
||||
userAgent: string;
|
||||
|
@ -91,7 +97,7 @@ class ApiClient {
|
|||
body,
|
||||
headers,
|
||||
redirect: "follow",
|
||||
credentials: "omit",
|
||||
credentials: CREDENTIALS,
|
||||
cache: "no-cache",
|
||||
});
|
||||
} catch (err) {
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
href="/favicon-32.png"
|
||||
sizes="32x32"
|
||||
/>
|
||||
<link rel="manifest" href="/manifest.json" />
|
||||
<link rel="manifest" href="/manifest.json" crossorigin="use-credentials" />
|
||||
<link
|
||||
rel="search"
|
||||
type="application/opensearchdescription+xml"
|
||||
|
|
Reference in New Issue