diff --git a/README.md b/README.md index 82619182..edfd1404 100644 --- a/README.md +++ b/README.md @@ -158,6 +158,7 @@ Middleware supports the following properties: - `displayOptions` [`object`] - same as [here](#properties) - `headersJS` [`string`, default `"{}"`] - object of headers serialized in string to be used on endpoint url
**Note:** You can also use any JS expression which results in an object with header names as keys and strings as values e.g. `{ Authorization: localStorage['Meteor.loginToken'] }` +- `credentials` [`string`, default `include`] - the credentials read-only property of the Request interface indicates whether the user agent should send cookies from the other domain in the case of cross-origin requests. Please refer to the [Request.credentials](https://developer.mozilla.org/en-US/docs/Web/API/Request/credentials) page for more information. ### Express diff --git a/src/middleware/render-voyager-page.ts b/src/middleware/render-voyager-page.ts index 3ca5dd3b..3da1cf90 100644 --- a/src/middleware/render-voyager-page.ts +++ b/src/middleware/render-voyager-page.ts @@ -4,11 +4,16 @@ export interface MiddlewareOptions { endpointUrl: string; displayOptions?: object; headersJS?: string; + credentials?: string; } export default function renderVoyagerPage(options: MiddlewareOptions) { - const { endpointUrl, displayOptions } = options; - const headersJS = options.headersJS ? options.headersJS : '{}'; + const { + endpointUrl, + displayOptions, + headersJS = '{}', + credentials = 'include', + } = options; return ` @@ -50,7 +55,7 @@ export default function renderVoyagerPage(options: MiddlewareOptions) { 'Content-Type': 'application/json', }, ${headersJS}), body: JSON.stringify({query: introspectionQuery }), - credentials: 'include', + credentials: '${credentials}', }).then(function (response) { return response.text(); }).then(function (responseBody) {