supertokens / supertokens-website

Bug description

When making calls using fetch with a URL object the call fails with the following error:

TypeError: url.clone is not a function

The docs in MDN says that fetch should support one of the following resource:

A string or any other object with a stringifier — including a URL object — that provides the URL of the resource you want to fetch.
A Request object.

By modifying the fetch method making some resources not support might break applications on unpredictable ways.

Steps to reproduce the issue

To reproduce the issue simply execute the following code after calling supertokens.Init().

fetch(new URL(("https://localhost:3000/index.html")))
  .then(() => {console.log("fetched")})
  .catch(err => console.log(err))

Code that may be the issue

The issue is located at:

supertokens-website/lib/ts/recipeImplementation.ts

Lines 33 to 42 in ee86184

    
           return async function (url: RequestInfo | URL, config?: RequestInit): Promise<Response> { 
        
               return await AuthHttpRequest.doRequest( 
        
                   (config?: RequestInit) => { 
        
                       return input.originalFetch(typeof url === "string" ? url : (url as Request).clone(), { 
        
                           ...config 
        
                       }); 
        
                   }, 
        
                   config, 
        
                   url 
        
               );

Where a URL objects is unsafely casted to a Request object.

This should have been fixed in supertokens-website sdk version >= 16.0.9

	return async function (url: RequestInfo \| URL, config?: RequestInit): Promise<Response> {
	return await AuthHttpRequest.doRequest(
	(config?: RequestInit) => {
	return input.originalFetch(typeof url === "string" ? url : (url as Request).clone(), {
	...config
	});
	},
	config,
	url
	);

Fetch interceptor breaks fetch api.

Bug description

Steps to reproduce the issue

Code that may be the issue