EZP-28851: Added credentials to the request checking if selected item can be considered as an image #357
Conversation
|
Q: Does regenerated *.js.map files should be included in PR? |
| @@ -17,6 +17,7 @@ export default class EzEmbedImageButton extends EzEmbedDiscoverContentButton { | |||
| const request = new Request(selection.item.ContentInfo.Content.ContentType._href, { | |||
| method: 'GET', | |||
| headers: {'Accept': 'application/vnd.ez.api.ContentType+json'}, | |||
There was a problem hiding this comment.
Should we also include X-Siteaccess and X-CSRF-Token headers?
There was a problem hiding this comment.
X-CSRF-Token
not needed for GET
X-Siteaccess
Yes, it is used in the ez-embed so should be used here to.
@sunpietro Should we abstract fetch a bit to avoid these kind of issues happening?
There was a problem hiding this comment.
Or should we rather set mode: 'same-origin' instead of having to set credentials: 'same-origin' all over?
The reason why Cookies are missing is the mode: 'cors' afaik.
In which cases will we send REST request to another domain in these cases?
Ref: https://developer.mozilla.org/en-US/docs/Web/API/Request/mode
|
That's a huge patch. 😮 |
|
Should I worry about Storm complaining? |
|
@adamwojs can you ommit the non relevant map updates? |
… can be considered as an image
|
@andrerom @sunpietro Done. |
|
@adamwojs please merge this up to master |
|
@lserwatka done. |
Added credentials to the request which checks if selected item can be considered as an image. Actual change: https://github.com/ezsystems/ezplatform-admin-ui/pull/357/files#diff-5ed292618b1d024126a31fe3cdd78983R20
Checklist:
$ composer fix-cs)