From 7844cd0bec9c8b2cdac5ade8fd8890ec6010bdc5 Mon Sep 17 00:00:00 2001 From: Ghassan Maslamani Date: Wed, 13 Nov 2024 20:31:36 +0100 Subject: [PATCH] fix: include credentials when cookie across subdomains This URL of fetching guest_token is always LMS_ROOT_URL, however in case multisite is being used the guest could be in a different url. This change ensure that cookie is being sent if the other site is a subdomain or shares parent domain with LMS_URL_ROOT This might be realted to openedx/tutor-contrib-aspects/issues/925 --- platform_plugin_aspects/__init__.py | 2 +- platform_plugin_aspects/static/js/embed_dashboard.js | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/platform_plugin_aspects/__init__.py b/platform_plugin_aspects/__init__.py index 49afbc2..ed700f6 100644 --- a/platform_plugin_aspects/__init__.py +++ b/platform_plugin_aspects/__init__.py @@ -5,6 +5,6 @@ import os from pathlib import Path -__version__ = "0.11.4" +__version__ = "0.11.5" ROOT_DIRECTORY = Path(os.path.dirname(os.path.abspath(__file__))) diff --git a/platform_plugin_aspects/static/js/embed_dashboard.js b/platform_plugin_aspects/static/js/embed_dashboard.js index 5555c62..1b169d0 100644 --- a/platform_plugin_aspects/static/js/embed_dashboard.js +++ b/platform_plugin_aspects/static/js/embed_dashboard.js @@ -30,6 +30,7 @@ async function fetchGuestToken() { headers: { "X-CSRFToken": getCookie("csrftoken"), }, + credentials: 'include', body: body, });