fix: CORS issues with new websocket implementation

[gismya]

• I have added automatic tests where applicable
• The PR title is suitable as a release note
• The PR contains a description of what has been changed
• The description contains manual test instructions

Changes

This removes the headers that are the (probable) cause of the CORS issues seen in the browser when the origin of the script isn't the same as the origin of the event server. It removes the extra headers added during the fetch and instead copies the implementation from the old XHR implementation. The relevant changes are the changes in the second commit, the first one simple reverts the revert of the new websocket client.

Test

Unfortunately I'm unsure how to test this before we get it to a test release.

[ffMathy]

If we can help testing this (and if you trust us), let us know.

We can't test the server side though for obvious reasons. But we can test the client side!

[gismya]

If you could verify that I didn't mess up my revert-revert of the node code - and that things that worked for you previously still works (And hopefully that registring actions work as well), that would be great.

[ffMathy]

Great! Will do that as soon as an alpha is published 🙏

[ffMathy]

@gismya we noticed the 1.9.0 alpha is on GitHub, but not NPM. Can you publish it there? Then we'll have it checked.

[ffMathy]

We have now gotten to migrating our widget actions as well to TypeScript. This means we now need a version that both runs on the client and server.

This is a unique opportunity to help you guys test the CORS issues.

Let us know if that's of relevance. We just need it published to NPM in that case.

[gismya]

I wrote an answer yesterday that I obviously forgot to send, I'm sorry.

I had some problems with our pre-release pipeline, and the person who knows how they work is out this week. Since it's possible to test by installing the package from Git directly I used that instead of troubleshooting something our pipeline guy probably could solve in a matter of minutes.

The only problem if you do want to install through git is that the preinstall script (that is removed in the deployed version), requires husky to be set up in the project it's installed to. There is a --ignore-scripts that should work if you don't have husky and want to try.

But, everything seems to be working, and I'm hoping to get this through and be able to create a real release before the weekend.

[ffMathy]

That sounds amazing! Great work! Also looks like the current code is sound.

Looking forward to it! 😍

[gismya]

I ended up improving the reconnect behavior as well, so it will be a bit longer before we get it as a stable release, but I'll try to get a pre-release out as soon as possible.

[ffMathy]

I ended up improving the reconnect behavior as well, so it will be a bit longer before we get it as a stable release, but I'll try to get a pre-release out as soon as possible.

Awesome stuff!

[lucaas]

I tried to break it, but wasn't able to - good job! 🏁