}
xhr.open(method, params.serverUrl + url, true);
xhr.setRequestHeader('X-Requested-With', "XMLHttpRequest");
- // Next line because logout and authenticate set (cross-domain in dev mode) cookies
- if (url.startsWith("/authenticate") || url.startsWith("/logout"))
- xhr.withCredentials = true;
+ // Next line to allow cross-domain cookies in dev mode (TODO: if...)
+ xhr.withCredentials = true;
if (["POST","PUT"].includes(method))
{
xhr.setRequestHeader("Content-Type", "application/json;charset=UTF-8");