From bf603e826f3c2aaabf0775e553c15e5be0518c80 Mon Sep 17 00:00:00 2001 From: James Talmage Date: Tue, 30 Jun 2015 01:11:38 -0400 Subject: [PATCH] Document withCredentials and its non standard default `withCredentials` defaults to `false` on `XMLHttpRequest`, but the opposite was chosen in this library. This can cause difficult to understand failures depending on the CORS headers returned by the server (it's an issue when calling the GitHub v3 API for example). The alternative would be to default to `false` to stay consistent with `XMLHttpRequest`, but that is likely a breaking change for some downstream apps, and I am going to assume the current strategy was chosen for a reason. --- readme.markdown | 1 + 1 file changed, 1 insertion(+) diff --git a/readme.markdown b/readme.markdown index bd5c14b..9ccf45d 100644 --- a/readme.markdown +++ b/readme.markdown @@ -41,6 +41,7 @@ where `opts` are: * `opts.host=window.location.host` - http host * `opts.port=window.location.port` - http port * `opts.responseType` - response type to set on the underlying xhr object +* `opts.withCredentials` - sets `withCredentials` on underlying xhr object. Defaults to true, *which is opposite the default on `XMLHttpRequest`* The callback will be called with the response object.