did you step on the wrong spot?
I suspect that this is intentional by chrome, because cross-domain cookie cannot be operated with js, so it doesn't make much sense.
if you really want to see it, you can read it in application.
is cross-domain, and the same origin policy
ajax credentials
is the same origin policy, which can be put under different ports of the same domain name or under the subdomain name. It cannot be operated under different domain names.
you can try two different domain names here. Online and localhost are different
check the request header with fiddler. It is true that there is a
in the set-cookie field. Since cookie, is indeed set and subsequent requests can also get the cookie, it seems that chrome deliberately hides this field.
throw the pot at chrome for the time being, and then reverse the case later when you have other conclusions.
I am exactly like you. The backend
access-control-allow-origin
access-control-allow-credentials
is also set, and the withCredentials of the front end ajax is also set, but the set-cookie and cookie, can not be seen in network, while firefox can see
.