The tiankeng where the cross-domain cookie is invalid (the server has cross-domain configuration), the client needs to carry the cookie when sending the request to the server, because there is a cross-domain problem in the separation of the front and back ends, chrome and edge need to set the cross-domain to carry the cookie SameSite = None of the cookie, and at the same time it is required to set the SameSite = None of the cookie, the secure=true of the cookie must be set. If secure=true is set, the cookie must be carried under the Https protocol in theory.
But after setting the sameSite = None and secure=true for the cookie, the http protocol can carry the cookie normally in chrome and edge (as shown in Figure 1 and Figure 2), but not in the 360 browser (as shown in Figure 3). If you set SameSite = None and secure=false, the 360 browser is normal, but chrome and edge will not work (as shown in Figure 4). Https protocol is required to carry cookies.
This is a big pit!
In order that all browsers can use the Http protocol to carry cookies, nginx will be used later, and cross-domain will not be performed.
Figure 1
Picture 2
Figure 3
Figure 4