HMR host behind cookie authentication

### Description

I'm using Coder to deploy apps. In coder workspace, every port is exposed with a subdomain, for example:
80-****.coder.example.com (For web app, In my case it is Laravel server)
5174-****.coder.example.com (Vite HMR server)
These urls is behind stateful authentication which requires certain cookies to be sent, but when I hit `5174-****.coder.example.com` directly from my browser I can visit the page, but when cross-site requests happens, loading `5174-****.coder.example.com` script from `80-****.coder.example.com` then the request to `5174-****.coder.example.com` gets redirected to coder's authentication page due to the request doesn't carry the cookies needed for authentication.

### Suggested solution

Possible solution is allowing the user to configure the value of crossorigin="use-credentials" attribute for the script tag generated by vite.

### Alternative

_No response_

### Additional context

_No response_

### Validations

- [x] Follow our [Code of Conduct](https://github.com/vitejs/vite/blob/main/CODE_OF_CONDUCT.md)
- [x] Read the [Contributing Guidelines](https://github.com/vitejs/vite/blob/main/CONTRIBUTING.md).
- [x] Read the [docs](https://vite.dev/guide).
- [x] Check that there isn't already an issue that request the same feature to avoid creating a duplicate.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

HMR host behind cookie authentication #20613

Description

Suggested solution

Alternative

Additional context

Validations

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

HMR host behind cookie authentication #20613

Description

Description

Suggested solution

Alternative

Additional context

Validations

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions