I followed the example: http://arunranga.com/examples/access-control/credentialedRequest.html
from this page: http://arunranga.com/examples/access-control/
The e
Safari also blocks cookies from sites that haven't been visited directly. You can see in the security settings. It's default setting is Accept cookies: "Only from sites I visit".
This will help get you started. Setting cross-domain cookies in Safari
I have jsonp working in safari using methods in the above link. So assumed that the cookie would work in the CORS context, but at this stage it doesn't seem to be working. Also, changing the security setting seems to have no effect.
Safari might demand a stricter set of headers to be returned?