By default, cookies are not sent in AJAX
requests. This means that a server session
will not work. Usually, we still need to
pass cookies. It can be enabled by
credentials
setting.
The 'include'
value will cause cookies
to be passed with the AJAX request (even if
the request is cross-origin):
fetch('https://example.com', {
credentials: 'include'
});
The 'same-origin'
value will also cause
cookies to be passed, but only to the site where
the script is running:
fetch('https://example.com', {
credentials: 'same-origin'
});
The 'omit'
value disables the
transmission of cookies:
fetch('https://example.com', {
credentials: 'omit'
});