support xhr authorization

Author: guybedford

src/system-fetch.js

@@ -1,6 +1,6 @@
   var fetchTextFromURL;
   if (typeof XMLHttpRequest != 'undefined') {
-    fetchTextFromURL = function(url, fulfill, reject) {
+    fetchTextFromURL = function(url, authorization, fulfill, reject) {
       var xhr = new XMLHttpRequest();
       var sameDomain = true;
       var doTimeout = false;
@@ -40,8 +40,15 @@
       };
       xhr.open("GET", url, true);
 
-      if (xhr.setRequestHeader)
+      if (xhr.setRequestHeader) {
         xhr.setRequestHeader('Accept', 'application/x-es-module */*');
+        // can set "authorization: true" to enable withCredentials only
+        if (authorization) {
+          if (typeof authorization == 'string')
+            xhr.setRequestHeader('Authorization', authorization);
+          xhr.withCredentials = true;
+        }
+      }
 
       if (doTimeout)
         setTimeout(function() {
@@ -53,7 +60,7 @@
   }
   else if (typeof require != 'undefined') {
     var fs;
-    fetchTextFromURL = function(url, fulfill, reject) {
+    fetchTextFromURL = function(url, authorization, fulfill, reject) {
       if (url.substr(0, 8) != 'file:///')
         throw new Error('Unable to fetch "' + url + '". Only file URLs of the form file:/// allowed running in Node.');
       fs = fs || require('fs');
@@ -82,6 +89,6 @@
 
   SystemLoader.prototype.fetch = function(load) {
     return new Promise(function(resolve, reject) {
-      fetchTextFromURL(load.address, resolve, reject);
+      fetchTextFromURL(load.address, undefined, resolve, reject);
     });
   };