revert(ajax): use 'same-origin' credentials

This reverts commit 80b12ee25c via PR #42525.
2021-06-16 16:43:35 +05:30
parent e1ca0ce1f6
commit e402464304
1 changed files with 1 additions and 1 deletions
--- a/client/src/utils/ajax.js
+++ b/client/src/utils/ajax.js
@ -9,7 +9,7 @@ const tokens = new Tokens();

 // TODO: test on staging.  Do we need 'include' everywhere?
 const defaultOptions = {
-  credentials: environment === 'development' ? 'include' : 'same-origin'
+  credentials: environment === 'development' ? 'include' : 'same-site'
 };

 // _csrf is passed to the client as a cookie. Tokens are sent back to the server