Apollo-link: Enable `credentials: 'same-origin'` by default (or allow an option to enable it easily)

Created on 22 Sep 2017 · 5Comments · Source: apollographql/apollo-link

The old ApolloClient automatically passed cookies.
HttpLink, BatchHttpLink uses apollo-fetch, which uses isomorphic-fetch. By default, isomorphic-fetch doesn't send cookies.

The current workaround is pretty complicated:

    const uri = '/api/graphql';

    // by default, apollo-link-http doesn't send cookies
    const customFetch = (uri, options) =>
        fetch(uri, {
            ...options,
            credentials: 'same-origin',
        });

    // create an apollo fetch instance with our hacked fetch instance
    const apolloFetch = createApolloFetch({
        uri,
        customFetch,
    });

    const link = new BatchHttpLink({ uri, fetch: apolloFetch })

This problem can be solved in multiple ways:

1) we could enable it by default to mimic the old version
2) we could add another option to apollo-link-http and apollo-link-batch-http, called fetchOption, so we could just do something like

const fetchOptions = {
    credentials: 'same-origin',
};

const link = new BatchHttpLink({ uri, fetchOptions });

I'm willing to do the fix + the tests, just need help on figuring which way we want to go :-)

Intended outcome:
Cookies should be sent when doing a request

Actual outcome:
No cookies are being sent

Source

maktouch

👍5

Most helpful comment

+1 to @mjfaga, I'm having this same issue with BatchHttpLink

kimberlysuazo on 7 Dec 2017

👍3

All 5 comments

Bleh, duplicate of #44

Sorry!

maktouch on 22 Sep 2017

I'm not sure this is truly a full duplicate of #44. That issue only addressed HttpLink, not BatchHttpLink. We still need to use that same workaround until BatchHttpLink is updated to also support credentials.

Can we re-open this issue until BatchHttpLink is also addressed?