Cookies和同源政策之间的关系?

 收藏

Ps: Because Google Chrome recently change the behavior about Cookie's samesite default to Lax,I'm not really sure which cookie in my app will affected by this change.

最近,我对Cookie和相同来源政策感到非常困惑。

As I know, when on website www.a.com we can't set cookie which domain is .b.com.Does this happen because the Same Origin Policy or anything else?

Can I set a cookie which attribute domain is .a.b.com so that only request to www.a.b.com will send with this cookie but request to www.b.com will not?

它们是同一站点的cookie和跨站点的cookie,如何确定是同一站点还是跨站点的cookie?这是否像“跨域请求”?

我读了一些帖子,有人告诉Cookie的域名是关于公共后缀的,但是我仍然不知道。

任何帮助表示赞赏,谢谢。

回复