example
Cookies
"uid" set by
site.com
- domain: none
- secure
- samesite: none
"sid" set by
site.com
- domain: site.com
- path: /admin
- secure
- samesite: strict
"lang" set by
prefs.site.com
- domain: site.com
- samesite: lax
Requests
Which cookies are attached to a request from
https://www.site.com
to:
http://site.com/
lang (because not https)
https://site.com/
uid, lang (because of path)
https://site.com/admin/
uid, sid, lang
https://a.site.com/admin/
sid, lang (because in uid domain = none)
Which cookies are attached to a request from
https://www.example.com
(triggered by user clicking a link) to:
http://site.com/
lang
https://site.com/
uid, lang
https://site.com/admin/
uid, lang
https://a.site.com/admin/
lang
(Identical to above except sid is missing everywhere because sameSite = strict)