1. Cookies set from the parent domain are by default not sent to the third party domain in xhr calls even if they from the common parent.
e.g. a.example.com and b.example.com
withCredential = true does the trick
2. Cookies set by the third party domain are not set on the client. The client ignores those headers.
e.g. a.example.com and b.example.com
withCredential = true does the trick
2. Cookies set by the third party domain are not set on the client. The client ignores those headers.
No comments:
Post a Comment