CORS - cookie不会被发送甚至设置

Question

我已设置withCredentials = true，我从服务器获取以下标头

Access-Control-Allow-Credentials:true
Access-Control-Allow-Headers:DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept,Origin,Referer
Access-Control-Allow-Methods:GET, POST, OPTIONS
Access-Control-Allow-Origin:.mydomain.com
Connection:keep-alive
Content-Type:application/json
Date:Tue, 06 Aug 2013 12:37:47 GMT
Server:nginx/1.1.19
Set-Cookie:sessionid=zjn8naedymjj6mm0aqjgxljbs3u1njzf; expires=Tue, 20-Aug-2013 12:37:47 GMT; httponly; Max-Age=1209600; Path=/
Transfer-Encoding:chunked
Vary:Cookie

但cookie未在下次请求时设置或传输。

Answer 1

事实证明，我不能将.domain.com（通配符）与Access-Control-Allow-Origin一起使用，我必须使用“http://exact.subdomain.example.com”