Skip to content

Commit 184b647

Browse files
committed
Expand caveats with notes about cookies
1 parent f84ea6d commit 184b647

1 file changed

Lines changed: 30 additions & 2 deletions

File tree

README.md

Lines changed: 30 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -108,7 +108,20 @@ fetch('/avatars', {
108108
})
109109
```
110110

111-
### Success and error handlers
111+
### Caveats
112+
113+
The `fetch` specification differs from other ajax implementations in mainly two
114+
ways that bear keeping in mind:
115+
116+
* The Promise returned from `fetch()` **won't reject on HTTP error status**
117+
even if the response is a HTTP 404 or 500. Instead, it will resolve normally,
118+
and it will only reject on network failure, or if anything prevented the
119+
request from completing.
120+
121+
* By default, `fetch` **won't send any cookies** to the server, resulting in
122+
unauthenticated requests if the site relies on maintaining a user session.
123+
124+
#### Handling HTTP error statuses
112125

113126
This causes `fetch` to behave like jQuery's `$.ajax` by rejecting the `Promise`
114127
on HTTP failure status codes like 404, 500, etc. The response `Promise` is
@@ -136,7 +149,22 @@ fetch('/users')
136149
})
137150
```
138151

139-
### Response URL caveat
152+
#### Sending cookies
153+
154+
To have `fetch` automatically use cookies for the current domain, the
155+
`credentials` option must be provided:
156+
157+
```javascript
158+
fetch('/users', {
159+
credentials: 'same-origin'
160+
})
161+
```
162+
163+
This option makes `fetch` behave similar to XMLHttpRequest with regards to
164+
cookies. Otherwise, cookies won't get sent, resulting in these requests not
165+
preserving the authentication session.
166+
167+
#### Obtaining the Response URL
140168

141169
The `Response` object has a URL attribute for the final responded resource.
142170
Usually this is the same as the `Request` url, but in the case of a redirect,

0 commit comments

Comments
 (0)