fix: default fetch credentials to 'same-origin'

[dsanders11]

For modern implementations of fetch this is already the default, but in 2017 this wasn't true, so browsers exist in the wild which default to 'omit'.

An example of this would be Firefox 57, if anyone wants to test.

This PR seeks to make things work out-of-the-box. Currently with Apollo Link, you won't get credentials for a small range of browsers - those that natively implemented fetch, but before the spec changed to have credentials default to 'same-origin'. Polyfilled browsers will follow the latest spec, so it's only this small subsection of browsers which will mysteriously fail currently.

TODO:

• [x] Make sure all of new logic is covered by tests and passes linting
• [ ] Update CHANGELOG.md with your change

[codecov-io]

Codecov Report

Merging #1248 into master will increase coverage by <.01%. The diff coverage is 100%.

@@            Coverage Diff             @@
##           master    #1248      +/-   ##
==========================================
+ Coverage    95.6%   95.61%   +<.01%     
==========================================
  Files          22       22              
  Lines        1116     1118       +2     
  Branches      174      175       +1     
==========================================
+ Hits         1067     1069       +2     
  Misses         44       44              
  Partials        5        5

Impacted Files	Coverage Δ
packages/apollo-link-http-common/src/index.ts	92.95% <100%> (+0.2%)	:arrow_up:

---

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update d56fce6...9f8c2a7. Read the comment docs.