Add fetchParameters to configure fetch

[RuslanZavacky]

This PR adds the ability to configure fetch parameters.

Reference: https://developer.mozilla.org/en-US/docs/Web/API/WindowOrWorkerGlobalScope/fetch#Parameters

By default, we set keepalive: true and credentials: true. Keepalive should help to send request even on unload and credentials will pass cookies to the request. Passing cookies are essentials for self-hosted solutions if they are behind authorization that requires cookies (our use case).

Added referrerPolicy: 'origin' as well, as sentry requires referer header to be passed. Without this option it won't work, so making it default seems like a good idea.

---

• If you've added code that should be tested, please add tests.
• If you've modified the API (e.g. added a new config or public method), update the docs and TypeScript declaration file.
• Ensure your code lints and the test suite passes (npm test).

[RuslanZavacky]

This kinda covers #1172

[RuslanZavacky]

Build failure here is a legit, as it relates to the #1149 merge.

And it seems its because of the chromium bug, that it does not return correct resourceType.

https://bugs.chromium.org/p/chromium/issues/detail?id=765501

[kamilogorek]

I'm not very keen to add more and more config options. Especially that we already have transport attribute which can achieve all of this. In addition to that, it'd make fetch and XHR two completely separate entities, and they should always work in-line, as we default to XHR if no fetch is available.

Setting sane defaults is totally fine, but I'm not convinced for the rest. @MaxBittker @HazAT what do you think about it guys?

[RuslanZavacky]

@kamilogorek headers & fetchParameters are different, as headers can be used for fetch and for XHR. transport is not really friendly, as you have to overwrite the whole logic, and to support that between updates is really hard. XHR already supported auth and passing cookies.

When fetch was added initially in another PR, passing parameters should've been implemented as fetch initially is too 'limited' to work out of the box. Which makes it more secure, but limited.

As a summary, in the current state, for more sophisticated setups, eg. hosted sentry behind authorization (cookie based), it's not gonna work at all now :(

[kamilogorek]

@RuslanZavacky I asked @HazAT for an opinion, and we can move forward and merge it. I'll try to release it tomorrow after I make sure that there's nothing left that I could add to the next version :)

[RuslanZavacky]

🎉 🎉 🎉 thank you, guys!