Cookie set on root domain not available to subdomain - what am I doing wrong?
问题 Client hosted on subdomain.example.com makes api call to example.com to fetch a cookie. The response has a Set-cookie header and I see the cookie as being returned alright: However, I don't see the cookie saved in the Browser (Chrome, Firefox, Edge) and, as a result, is not sent as a header in subsquent API requests: Set-cookie domain attribute is set to .example.com , but as I read in MDN I think the trailing dot gets ignored. The cookie in question, by the way, is the csrf token secret set