From 3d2b5fd28f2179de2a17eef857d5a0dbfe55ca30 Mon Sep 17 00:00:00 2001
From: Matt Fullerton <matt.fullerton@gmail.com>
Date: Wed, 28 Feb 2018 13:55:09 +0100
Subject: [PATCH] Don't pass along credential info

This causes problems with sites that have wildcard CORS set up:
"The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'."

So I was just wondering if there was an overt reason for setting this up this way, or if we can change it, with this provocative commit/PR :-)
---
 ckanext/geoview/public/js/vendor/ol-helpers/ol-helpers.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ckanext/geoview/public/js/vendor/ol-helpers/ol-helpers.js b/ckanext/geoview/public/js/vendor/ol-helpers/ol-helpers.js
index a0827259..1dcd9d11 100644
--- a/ckanext/geoview/public/js/vendor/ol-helpers/ol-helpers.js
+++ b/ckanext/geoview/public/js/vendor/ol-helpers/ol-helpers.js
@@ -1424,7 +1424,7 @@ ol.proj.addProjection(createEPSG4326Proj('EPSG:4326:LONLAT', 'enu'));
                     layer.getSource().setState(ol.source.State.LOADING)
 
                     return fetch(url + (url.indexOf('?') >= 0 ? '&' : '?') + kvp2string(queryParams),
-                        {method:'GET', credentials: 'include'}
+                        {method:'GET'}
                     ).then(
                         function (response) {
                             return response.text();