I have a php script on a domain called domain1.com/post_data.php . This script makes an AJAX call to another script hosted on another domain: domain2.com/set_data.php. set_data.php expects some post variables and writes them to a table....everything is working just fine (because CORS is enabled on domain2.com in case you were wondering :)).
My question/issue is: domain2.com/set_data.php starts a session on its end and "writes/reads" the session id from a cookie....where is this cookie stored? Does domain1.com/post_data.php have access to the cookie set by the remote server script ?
I am writing the session id set by domain2.com in a db there and the session id written to the DB by domain2.com does NOT match with the session id written in a cookie on domain1.com (I checked by reading the PHP SessionID cookie on domain1.com).
You can only view or set cookies that are valid for the current domain. i.e domain1.com script cannot see domain2.com's cookies.
As answered here there is absolutely no way for domain.com to set a cookie for domain1.com.