-
-
Notifications
You must be signed in to change notification settings - Fork 97
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
endpoints.xhr.Endpoints
offers to no way to set withCredentials
in the XMLHttpRequest
#404
Comments
endpoints.xhr.Endpoints
offers to no way to set withCredentials
in the XMLHttpRequest`endpoints.xhr.Endpoints
offers to no way to set withCredentials
in the XMLHttpRequest
I am not sure if we should add an option to the The important question here is “should it (the fact that we need to set the |
I'm not convinced that it (the fact that we need to set the I guess it could be part of the service description, but that would require some kind of dedicated authentication/authorization language/algebra...? |
Yes, but so far we don’t have the concept of response headers, which means that you’d have to write an trait Cors extends endpoints.algebra.Endpoints {
def corsEndpoint[A, B](
origin: String,
request: Request[A],
response: Response[B]
): Endpoint[A, B]
} And then implement it on server interpreters to set the That being said, if you’re not convinced that it should be part of the endpoint description, you could just specialize the trait CorsEndpoints extends xhr.Endpoints {
override def request[A, B, C, AB, Out](
method: Method,
url: Url[A],
entity: RequestEntity[B],
docs: Documentation,
headers: RequestHeaders[C]
)(implicit tuplerAB: Tupler.Aux[A, B, AB], tuplerABC: Tupler.Aux[AB, C, Out]): Request[Out] =
new Request[Out] {
def apply(abc: Out) = {
val (ab, c) = tuplerABC.unapply(abc)
val (a, b) = tuplerAB.unapply(ab)
val xhr = makeXhr(method, url, a, headers, c)
xhr.withCredentials = true
(xhr, Some(entity(b, xhr)))
}
def href(abc: Out) = {
val (ab, _) = tuplerABC.unapply(abc)
val (a, _) = tuplerAB.unapply(ab)
url.encode(a)
}
}
} And then mix |
I've now used a second-ish approach to solve my particular problem; thus far it works, which is nice. I however still don't have a clear understanding whether or not this is part of the endpoint description. If I look at i.e. http4s this seems to be a separate concern. |
To be able to use cookies or authentication headers for cross-site requests, the
XMLHttpRequest.withCredentials
property must be set.See https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/withCredentials
Alas,
endpoints.xhr.Endpoints
offers no way to set this.The text was updated successfully, but these errors were encountered: