DavStorage: add 'with_credentials' option to send domain cookie

This option is false by default to prevent any Cross Origin issue unsupported by most webdav servers

Squashed commit of the following:

commit 1591f5e199f91abca92ba3bb46ee3aa356c976fc
Author: Romain Courteaud <romain@nexedi.com>
Date:   Fri Dec 18 15:56:42 2015 +0100

    DavStorage: rename _withcredentials parameter to with_credentials

    Add tests.
    Update documentation.

commit 33b2113ca5ac42b015264f12776326d848320022
Author: Isabelle Vallet <isabelle.vallet@nexedi.com>
Date:   Wed Dec 16 06:22:08 2015 -0800

    DAV storage: add option for cross-origin cookie propagation.

docs/available_storages.rst

@@ -100,14 +100,17 @@ Example:
 DavStorage
 ^^^^^^^^^^
 
-================   ==========  ==========  ==========================================================
-parameter          required?   type        description
-================   ==========  ==========  ==========================================================
-``type``           yes         string      name of the storage type (here: "dav")
-``url``            yes         string      url of your webdav server
-``basic_login``    no          string      | login and password of your dav, base64 encoded like this:
-                                           | ``btoa(username + ":" + password)``
-================   ==========  ==========  ==========================================================
+=====================   ==========  ==========  ==========================================================
+parameter               required?   type        description
+=====================   ==========  ==========  ==========================================================
+``type``                yes         string      name of the storage type (here: "dav")
+``url``                 yes         string      url of your webdav server
+``basic_login``         no          string      | login and password of your dav, base64 encoded like this:
+                                                | ``btoa(username + ":" + password)``
+``with_credentials``    no          boolean     | true: send domain cookie
+                                                | false: do not send domain cookie
+                                                | default to false.
+=====================   ==========  ==========  ==========================================================
 
 
 Example:

src/jio.storage/davstorage.js

@@ -31,6 +31,13 @@
       }
       options.headers.Authorization = storage._authorization;
     }
+
+    if (storage._with_credentials !== undefined) {
+      if (options.xhrFields === undefined) {
+        options.xhrFields = {};
+      }
+      options.xhrFields.withCredentials = storage._with_credentials;
+    }
 //       if (start !== undefined) {
 //         if (end !== undefined) {
 //           headers.Range = "bytes=" + start + "-" + end;
@@ -78,7 +85,7 @@
     if (typeof spec.basic_login === 'string') {
       this._authorization = "Basic " + spec.basic_login;
     }
-
+    this._with_credentials = spec.with_credentials;
   }
 
   DavStorage.prototype.put = function (id, param) {

test/jio.storage/davstorage.tests.js

@@ -27,18 +27,20 @@
     equal(jio.__type, "dav");
     deepEqual(jio.__storage._url, domain);
     deepEqual(jio.__storage._authorization, undefined);
+    deepEqual(jio.__storage._with_credentials, undefined);
   });
 
   test("Storage store basic login", function () {
     var jio = jIO.createJIO({
       type: "dav",
       url: domain,
-      basic_login: basic_login
+      basic_login: basic_login,
+      with_credentials: true
     });
 
     equal(jio.__type, "dav");
     deepEqual(jio.__storage._url, domain);
-    deepEqual(jio.__storage._authorization, "Basic login:passwd");
+    deepEqual(jio.__storage._with_credentials, true);
   });
 
   /////////////////////////////////////////////////////////////////
@@ -54,7 +56,8 @@
       this.jio = jIO.createJIO({
         type: "dav",
         url: domain,
-        basic_login: basic_login
+        basic_login: basic_login,
+        with_credentials: true
       });
     },
     teardown: function () {
@@ -71,7 +74,7 @@
     }, ""]);
 
     stop();
-    expect(7);
+    expect(8);
 
     this.jio.put("/put1/", {})
       .then(function () {
@@ -85,6 +88,7 @@
           Authorization: "Basic login:passwd",
           "Content-Type": "text/plain;charset=utf-8"
         });
+        equal(server.requests[0].withCredentials, true);
       })
       .fail(function (error) {
         ok(false, error);
@@ -181,7 +185,8 @@
       this.jio = jIO.createJIO({
         type: "dav",
         url: domain,
-        basic_login: basic_login
+        basic_login: basic_login,
+        with_credentials: true
       });
     },
     teardown: function () {
@@ -198,7 +203,7 @@
     }, ""]);
 
     stop();
-    expect(7);
+    expect(8);
 
     this.jio.remove("/remove1/")
       .then(function () {
@@ -212,6 +217,7 @@
           Authorization: "Basic login:passwd",
           "Content-Type": "text/plain;charset=utf-8"
         });
+        equal(server.requests[0].withCredentials, true);
       })
       .fail(function (error) {
         ok(false, error);
@@ -270,7 +276,8 @@
       this.jio = jIO.createJIO({
         type: "dav",
         url: domain,
-        basic_login: basic_login
+        basic_login: basic_login,
+        with_credentials: true
       });
     },
     teardown: function () {
@@ -454,7 +461,8 @@
       this.jio = jIO.createJIO({
         type: "dav",
         url: domain,
-        basic_login: basic_login
+        basic_login: basic_login,
+        with_credentials: true
       });
     },
     teardown: function () {
@@ -690,7 +698,8 @@
       this.jio = jIO.createJIO({
         type: "dav",
         url: domain,
-        basic_login: basic_login
+        basic_login: basic_login,
+        with_credentials: true
       });
     },
     teardown: function () {
@@ -797,7 +806,7 @@
     }, ""]);
 
     stop();
-    expect(7);
+    expect(8);
 
     this.jio.putAttachment(
       "/putAttachment1/",
@@ -815,6 +824,7 @@
           Authorization: "Basic login:passwd",
           "Content-Type": "text/plain;charset=utf-8"
         });
+        equal(server.requests[0].withCredentials, true);
       })
       .fail(function (error) {
         ok(false, error);
@@ -837,7 +847,8 @@
       this.jio = jIO.createJIO({
         type: "dav",
         url: domain,
-        basic_login: basic_login
+        basic_login: basic_login,
+        with_credentials: true
       });
     },
     teardown: function () {
@@ -917,7 +928,7 @@
     }, ""]);
 
     stop();
-    expect(7);
+    expect(8);
 
     this.jio.removeAttachment(
       "/removeAttachment1/",
@@ -934,6 +945,7 @@
           Authorization: "Basic login:passwd",
           "Content-Type": "text/plain;charset=utf-8"
         });
+        equal(server.requests[0].withCredentials, true);
       })
       .fail(function (error) {
         ok(false, error);
@@ -983,7 +995,8 @@
       this.jio = jIO.createJIO({
         type: "dav",
         url: domain,
-        basic_login: basic_login
+        basic_login: basic_login,
+        with_credentials: true
       });
     },
     teardown: function () {
@@ -1063,7 +1076,7 @@
     }, "foo\nbaré"]);
 
     stop();
-    expect(10);
+    expect(11);
 
     this.jio.getAttachment(
       "/getAttachment1/",
@@ -1079,6 +1092,7 @@
         deepEqual(server.requests[0].requestHeaders, {
           Authorization: "Basic login:passwd"
         });
+        equal(server.requests[0].withCredentials, true);
 
         ok(result instanceof Blob, "Data is Blob");
         deepEqual(result.type, "text/plain", "Check mimetype");