Does CORS Access-Control-Allow-Credentials apply to non-origin/third-party cookies or as well?
I understand if you are cross-communicating with origin A, then if origin A has no Access-Control-Allow-Credentials in the response, you will never be able to reuse Cookies obtained from origin A response.
But what if you got a cookie in t… Continue reading Does CORS Access-Control-Allow-Credentials apply to non-origin/third-party cookies or as well?