My problem is my website with NodeJS server does not send cookie back to server correctly with its request header when I make the request from www.mydomain.com (with www).
The server sets cookie as below parameters:
httpOnly: true,
domain: '.mydomain.com',
sameSite: 'LAX'
I checked in Postman that the server does send cookie back with domain shown as "mydomain.com" (I think Postman doesn't show . in front of the domain).
Case 1. Browser Address: www.mydomain.com Request Address in JS: mydomain.com Problem: Cookie is not included in the request header. Here, the browser shows that I have the cookie from .mydomain.com.
Case 2. Browser Address: mydomain.com Request Address in JS: mydomain.com No problem here. Cookie is correctly included in the request header.
It is vice versa when I make the Request Address in JS as www.mydomain.com, as then it doesn't work when the Browser Address is just mydomain.com. Answers to similar questions suggests adding "." to mydomain.com for setting domain for the cookie, but the problem persists even with that solution.
I tried adding/removing same-site LAX, but it still does not work.
I have also tried changing my DNS settings so that the www is changed from CNAME to A record, hoping it would somehow solve the problem, but the problem is still there.
As a last resort, I am hoping someone could please help me out with this mystery that consumed my entire week.
Thanks in advance, any help would be appreciated.
