How do browser cookie domains work?
Although there is the RFC 2965 (Set-Cookie2, had already obsoleted RFC 2109) that should define the cookie nowadays, most browsers don’t fully support that but just comply to the original specification by Netscape. There is a distinction between the Domain attribute value and the effective domain: the former is taken from the Set-Cookie header field … Read more