I set a cookie by making a request from example.io
to api.example.io/set_cookie
. The cookie looks like so:
jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIyMjdlNTU5MC0zODJkLTExZWEtOTA0ZC05NzljOTIyNmZiZmQiLCJpYXQiOjE1NzkxNTc3MDkzNDR9.Sz-_8M4M1te82Z-PuG9H8MUNlLGPUGdGLfQ_-YuL9xA; Domain=example.io; Path=/; Expires=Fri, 15 Jan 2021 06:55:09 GMT; HttpOnly
I specify the domain to be example.io
. So, I expect the browser to send this cookie to any subsequent requests to api.example.io
and example.io
. However, this does not happen. I think I'm following the advice in Share cookie between subdomain and domain.