I have a question about cookies relationship between base domain (base.com) and subdomain (sub.base.com).
I have just faced with a problem that I can't add a cookie to base domain if I already have a cookie with the same name for any of subdomains of this base domain if a cookie which has been set for subdomain is only for secure connection (https) and a cookie which I want to set for base domain is for non-secure connection (http).
Let me show an example for you. It's hard to explain.
Expectations:
Two different cookies. The first to sub.base.com with a value 'qwe'. The second to .base.com with a value 'zxc'.
Reality:
One cookie for sub.base.com with a value 'qwe'.
So, seems like we can't set a new non-secure cookie for a base domain if the name of a cookie we try to set will be equal to any name of secured cookies from subdomains.
I have tried to search something via google and I have read sections about cookies at RFC6265 but found nothing.
Is it works fine or it's a bug?
I hope someone has any info about this. Thanks.
P.S: I know that I can't do anything with secured cookies via unsecured connection but come on. This cookie is for different domain.
P.P.S: It also doesn't work even if I try to set a cookie with a different path.
P.P.P.S: osx 10.14.1 - Google Chrome 70.0.3538.110