feat(add-headers):

- Adds 2 new settings to BaseAPI, xhrWithCredentials and xhrHeaders.
  - xhrWithCredentials is set to false default to make this a non breaking change but will allow people to set this to try to send Domain Cookies
  - xhrHeaders gives the ability to add custom headers to the XHR Request to the LMS, allowing additional information to be sent

src/BaseAPI.js

@@ -29,6 +29,8 @@ export default class BaseAPI {
     selfReportSessionTime: false,
     alwaysSendTotalTime: false,
     strict_errors: true,
+    xhrHeaders: {},
+    xhrWithCredentials: false,
     responseHandler: function(xhr) {
       let result;
       if (typeof xhr !== 'undefined') {
@@ -1093,6 +1095,15 @@ export default class BaseAPI {
       if (!settings.sendBeaconCommit) {
         const httpReq = new XMLHttpRequest();
         httpReq.open('POST', url, settings.asyncCommit);
+
+        if(Object.keys(settings.xhrHeaders).length) {
+          Object.keys(settings.xhrHeaders).forEach((header) => {
+            httpReq.setRequestHeader(header, settings.xhrHeaders[header])
+          })
+        }
+
+        httpReq.withCredentials = settings.xhrWithCredentials
+
         if (settings.asyncCommit) {
           httpReq.onload = function(e) {
             if (typeof settings.responseHandler === 'function') {