Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Provide credentials to relative links only #6360

Merged
merged 2 commits into from
Jul 11, 2020
Merged

Provide credentials to relative links only #6360

merged 2 commits into from
Jul 11, 2020

Conversation

rohankapoorcom
Copy link
Member

@rohankapoorcom rohankapoorcom commented Jul 10, 2020
edited

Proposed change

In #6328, I added functionality to set cross-origin=use-credentials, to pass along credentials when loading Javascript Modules to work around some bugs in Safari.

@bramkragten noticed that this would be applied to requests that are actually going cross origin which was not the intent.

In this PR, I modified the code to check if the url is relative before setting cross-origin=use-credentials. If it's absolute i set it to cross-origin=anonymous, per @balloob's idea.

Type of change

  • Dependency upgrade
  • Bugfix (non-breaking change which fixes an issue)
  • New feature (thank you!)
  • Breaking change (fix/feature causing existing functionality to break)
  • Code quality improvements to existing code or addition of tests

Example configuration

None

Additional information

Checklist

  • The code change is tested and works locally.
  • There is no commented out code in this PR.
  • Tests have been added to verify that the new code works.

If user exposed functionality or configuration variables are added/changed:

@rohankapoorcom @balloob
Switch to using a ternary
7dc7369 
Co-authored-by: Paulus Schoutsen <paulus@home-assistant.io>
@balloob balloob merged commit e375408 into home-assistant:dev Jul 11, 2020
@rohankapoorcom rohankapoorcom deleted the provide-credentials-javascript-loading branch July 11, 2020 05:10
@bramkragten bramkragten mentioned this pull request Jul 14, 2020
Merged
@balloob balloob mentioned this pull request Aug 30, 2020
Closed
3 tasks
@github-actions github-actions bot locked and limited conversation to collaborators Jul 5, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@balloob balloob balloob approved these changes

Assignees
No one assigned
Labels
cla-signed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@rohankapoorcom @balloob @homeassistant