Explicitly send cookies in fetch

Not sent by default in old browsers

modules/ppcp-button/resources/js/modules/ActionHandler/CartActionHandler.js

@@ -16,6 +16,7 @@ class CartActionHandler {
                 this.config.bn_codes[this.config.context] : '';
             return fetch(this.config.ajax.create_order.endpoint, {
                 method: 'POST',
+                credentials: 'same-origin',
                 body: JSON.stringify({
                     nonce: this.config.ajax.create_order.nonce,
                     purchase_units: [],

modules/ppcp-button/resources/js/modules/ActionHandler/CheckoutActionHandler.js

@@ -31,6 +31,7 @@ class CheckoutActionHandler {
 
             return fetch(this.config.ajax.create_order.endpoint, {
                 method: 'POST',
+                credentials: 'same-origin',
                 body: JSON.stringify({
                     nonce: this.config.ajax.create_order.nonce,
                     payer,

modules/ppcp-button/resources/js/modules/ActionHandler/FreeTrialHandler.js

@@ -18,6 +18,7 @@ class FreeTrialHandler {
 
         fetch(this.config.ajax.vault_paypal.endpoint, {
             method: 'POST',
+            credentials: 'same-origin',
             body: JSON.stringify({
                 nonce: this.config.ajax.vault_paypal.nonce,
                 return_url: location.href

modules/ppcp-button/resources/js/modules/ActionHandler/SingleProductActionHandler.js

@@ -80,6 +80,7 @@ class SingleProductActionHandler {
                     this.config.bn_codes[this.config.context] : '';
                 return fetch(this.config.ajax.create_order.endpoint, {
                     method: 'POST',
+                    credentials: 'same-origin',
                     body: JSON.stringify({
                         nonce: this.config.ajax.create_order.nonce,
                         purchase_units,

modules/ppcp-button/resources/js/modules/DataClientIdAttributeHandler.js

@@ -27,6 +27,7 @@ const storeToken = (token) => {
 const dataClientIdAttributeHandler = (script, config) => {
     fetch(config.endpoint, {
         method: 'POST',
+        credentials: 'same-origin',
         body: JSON.stringify({
             nonce: config.nonce
         })

modules/ppcp-button/resources/js/modules/Helper/UpdateCart.js

@@ -20,6 +20,7 @@ class UpdateCart {
                 this.endpoint,
                 {
                     method: 'POST',
+                    credentials: 'same-origin',
                     body: JSON.stringify({
                         nonce: this.nonce,
                         products,
@@ -42,4 +43,4 @@ class UpdateCart {
     }
 }
 
-export default UpdateCart;
+export default UpdateCart;

modules/ppcp-button/resources/js/modules/OnApproveHandler/onApproveForContinue.js

@@ -2,6 +2,7 @@ const onApprove = (context, errorHandler) => {
     return (data, actions) => {
         return fetch(context.config.ajax.approve_order.endpoint, {
             method: 'POST',
+            credentials: 'same-origin',
             body: JSON.stringify({
                 nonce: context.config.ajax.approve_order.nonce,
                 order_id:data.orderID,

modules/ppcp-button/resources/js/modules/OnApproveHandler/onApproveForPayNow.js

@@ -5,6 +5,7 @@ const onApprove = (context, errorHandler, spinner) => {
 
         return fetch(context.config.ajax.approve_order.endpoint, {
             method: 'POST',
+            credentials: 'same-origin',
             body: JSON.stringify({
                 nonce: context.config.ajax.approve_order.nonce,
                 order_id:data.orderID,

modules/ppcp-onboarding/assets/js/onboarding.js

@@ -80,6 +80,7 @@ const ppcp_onboarding = {
 
             fetch(PayPalCommerceGatewayOnboarding.pui_endpoint, {
                 method: 'POST',
+                credentials: 'same-origin',
                 body: JSON.stringify({
                     nonce: PayPalCommerceGatewayOnboarding.pui_nonce,
                     checked: onboard_pui.checked

modules/ppcp-order-tracking/resources/js/order-edit-page.js

@@ -20,6 +20,7 @@ document.addEventListener(
             submitButton.setAttribute('disabled', 'disabled');
             fetch(config.ajax.tracking_info.endpoint, {
                 method: 'POST',
+                credentials: 'same-origin',
                 body: JSON.stringify({
                     nonce: config.ajax.tracking_info.nonce,
                     transaction_id: transactionId ? transactionId.value : null,

modules/ppcp-vaulting/resources/js/myaccount-payments.js

@@ -10,6 +10,7 @@ document.addEventListener(
                 PayPalCommerceGatewayVaulting.delete.endpoint,
                 {
                     method: 'POST',
+                    credentials: 'same-origin',
                     headers: {
                         'content-type': 'application/json'
                     },

modules/ppcp-webhooks/resources/js/status-page.js

@@ -10,6 +10,7 @@ document.addEventListener(
                 PayPalCommerceGatewayWebhooksStatus.resubscribe.endpoint,
                 {
                     method: 'POST',
+                    credentials: 'same-origin',
                     headers: {
                         'content-type': 'application/json'
                     },
@@ -52,6 +53,7 @@ document.addEventListener(
                     PayPalCommerceGatewayWebhooksStatus.simulation.start.endpoint,
                     {
                         method: 'POST',
+                        credentials: 'same-origin',
                         headers: {
                             'content-type': 'application/json'
                         },
@@ -106,6 +108,7 @@ document.addEventListener(
                         PayPalCommerceGatewayWebhooksStatus.simulation.state.endpoint,
                         {
                             method: 'GET',
+                            credentials: 'same-origin',
                         }
                     );