From 4f50d6323f468f0fc4cb7c112839290810315853 Mon Sep 17 00:00:00 2001 From: Jake Barnes Date: Wed, 17 Jul 2019 14:46:56 +1000 Subject: [PATCH] Add withCredentials option --- README.md | 1 + lib/socket.js | 2 ++ lib/transport.js | 1 + lib/transports/polling-xhr.js | 4 +++- 4 files changed, 7 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 9ab91ca72..ab559f8ca 100644 --- a/README.md +++ b/README.md @@ -196,6 +196,7 @@ Exposed as `eio` in the browser standalone build. will be used instead. - `forceBase64` (`Boolean`): forces base 64 encoding for polling transport even when XHR2 responseType is available and WebSocket even if the used standard supports binary. - `enablesXDR` (`Boolean`): enables XDomainRequest for IE8 to avoid loading bar flashing with click sound. default to `false` because XDomainRequest has a flaw of not sending cookie. + - `withCredentials` (`Boolean`): defaults to `true`, whether to include credentials (cookies, authorization headers, TLS client certificates, etc.) with cross-origin XHR polling requests. - `timestampRequests` (`Boolean`): whether to add the timestamp with each transport request. Note: polling requests are always stamped unless this option is explicitly set to `false` (`false`) diff --git a/lib/socket.js b/lib/socket.js index 0800a1ab6..8a67cfa9d 100644 --- a/lib/socket.js +++ b/lib/socket.js @@ -66,6 +66,7 @@ function Socket (uri, opts) { this.jsonp = false !== opts.jsonp; this.forceBase64 = !!opts.forceBase64; this.enablesXDR = !!opts.enablesXDR; + this.withCredentials = false !== opts.withCredentials; this.timestampParam = opts.timestampParam || 't'; this.timestampRequests = opts.timestampRequests; this.transports = opts.transports || ['polling', 'websocket']; @@ -183,6 +184,7 @@ Socket.prototype.createTransport = function (name) { jsonp: options.jsonp || this.jsonp, forceBase64: options.forceBase64 || this.forceBase64, enablesXDR: options.enablesXDR || this.enablesXDR, + withCredentials: options.withCredentials || this.withCredentials, timestampRequests: options.timestampRequests || this.timestampRequests, timestampParam: options.timestampParam || this.timestampParam, policyPort: options.policyPort || this.policyPort, diff --git a/lib/transport.js b/lib/transport.js index fb043c7ef..9ed5a35e4 100644 --- a/lib/transport.js +++ b/lib/transport.js @@ -30,6 +30,7 @@ function Transport (opts) { this.agent = opts.agent || false; this.socket = opts.socket; this.enablesXDR = opts.enablesXDR; + this.withCredentials = opts.withCredentials; // SSL options for Node.js client this.pfx = opts.pfx; diff --git a/lib/transports/polling-xhr.js b/lib/transports/polling-xhr.js index cc16d9dc9..561fa95fa 100755 --- a/lib/transports/polling-xhr.js +++ b/lib/transports/polling-xhr.js @@ -77,6 +77,7 @@ XHR.prototype.request = function (opts) { opts.agent = this.agent || false; opts.supportsBinary = this.supportsBinary; opts.enablesXDR = this.enablesXDR; + opts.withCredentials = this.withCredentials; // SSL options for Node.js client opts.pfx = this.pfx; @@ -150,6 +151,7 @@ function Request (opts) { this.isBinary = opts.isBinary; this.supportsBinary = opts.supportsBinary; this.enablesXDR = opts.enablesXDR; + this.withCredentials = opts.withCredentials; this.requestTimeout = opts.requestTimeout; // SSL options for Node.js client @@ -224,7 +226,7 @@ Request.prototype.create = function () { // ie6 check if ('withCredentials' in xhr) { - xhr.withCredentials = true; + xhr.withCredentials = this.withCredentials; } if (this.requestTimeout) {