From d68d1d0434e870b7fed39665be2d8c33afe07eb6 Mon Sep 17 00:00:00 2001
From: Frederic van der Essen <fva@openerp.com / fvdessen+o@gmail.com>
Date: Mon, 27 Oct 2014 12:28:47 +0100
Subject: [PATCH] [FIX] web: cors rpc calls were missing the session cookie,
 resulting in new sessions being created for every call

---
 addons/web/static/src/js/openerpframework.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/addons/web/static/src/js/openerpframework.js b/addons/web/static/src/js/openerpframework.js
index 5dcc2197944..34fe523753c 100644
--- a/addons/web/static/src/js/openerpframework.js
+++ b/addons/web/static/src/js/openerpframework.js
@@ -1018,11 +1018,11 @@ openerp.Session = openerp.Class.extend(openerp.PropertiesMixin, {
     },
     check_session_id: function() {
         var self = this;
-        if (this.avoid_recursion || self.use_cors)
+        if (this.avoid_recursion)
             return $.when();
         if (this.session_id)
             return $.when(); // we already have the session id
-        if (this.override_session || ! this.origin_server) {
+        if (!this.use_cors && (this.override_session || ! this.origin_server)) {
             // If we don't use the origin server we consider we should always create a new session.
             // Even if some browsers could support cookies when using jsonp that behavior is
             // not consistent and the browser creators are tending to removing that feature.