I'd like to have multiple XmlHttpRequests use different sets of cookies, to keep multiple users logged in on the same site. What is the best way to achieve this?
Note that if required, I can use local storage to keep additional cookie sets between requests. But I still do not know how to use XmlHttpRequest with cookies different from the browser-wide cookies for the site.
You just can't. XmlHttpRequest will always use the browser-wide cookies for that site, you'd need to change that set (to one from localStorage, for example).
For cross-origin requests you can only tell the browser that the cookies should be used, as suggested in How do I SET a Cookie (header) with XMLHttpRequest in JavaScript?.
From the specs for xhr:
If the user agent supports HTTP State Management it should persist, discard and send cookies (as received in the Set-Cookie response header, and sent in the Cookie header) as applicable. [COOKIES]
...and the cookie headers are not allowed to be overwritten in the setRequestHeader() method, you can't set them manually per-request.
