ico
/
pingql
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: use credentials:include for cross-origin API requests

This commit is contained in:
M1 2026-03-18 09:44:50 +04:00
parent 641af86779
commit d278ab0458
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
apps/web/src/dashboard/app.js
View File

@ -13,7 +13,7 @@ function requireAuth() { return true; }
async function api(path, opts = {}) { async function api(path, opts = {}) {
const res = await fetch(`${API_BASE}${path}`, { const res = await fetch(`${API_BASE}${path}`, {
...opts, ...opts,
credentials: 'same-origin', // send cookie automatically credentials: 'include', // send cookie cross-origin to api.pingql.com
headers: { headers: {
'Content-Type': 'application/json', 'Content-Type': 'application/json',
...opts.headers, ...opts.headers,
@ -67,7 +67,7 @@ function watchAccount(onPing) {
async function connect() { async function connect() {
try { try {
const res = await fetch(`${API_BASE}/account/stream`, { const res = await fetch(`${API_BASE}/account/stream`, {
credentials: 'same-origin', credentials: 'include',
signal: ac.signal, signal: ac.signal,
}); });
if (!res.ok || !res.body) return; if (!res.ok || !res.body) return;