Set Cookie Recived from Server.com to Client.com application cookie

Question

so

1. i have my backend java hosted on render
2. i have my frontend react js hosted on firebase

actual hosted URL's Render : https://back-i2pj.onrender.com Firebase : https://valyrian.web.app

now i'm making a POST call to https://back-i2pj.onrender.com/api/auth/signin in response header's i'll recive a cookie in set-cookie header
ex header : Set-Cookie: username=example; Max-Age=3600; Expires=Wed, 16 Oct 2024 19:23:32 GMT; Domain=valyrian.web.app; Path=/; Secure; SameSite=None

my client dosen't have cookie in application -> cookies -> valyriansafe.web.app

my cookie configuration in spring is

  public void setCookieValue(String key, String value,Boolean httpOnly) {
    Cookie cookie = new Cookie(key, value);
    cookie.setDomain("valyrian.web.app");
    cookie.setPath("/");
    cookie.setHttpOnly(httpOnly);
    cookie.setMaxAge(Integer.parseInt(JWT_TOKEN_EXPIRY_MS) / 1000); // token expiration time in seconds
    cookie.setSecure(true); // Set to true if using HTTPS
    cookie.setAttribute("SameSite", "None");
    response.addCookie(cookie);
  }

Expected behavior is it should be in application -> cookies -> valyriansafe.web.app

document.cookie is also null

Expected behavior is it should be in application -> cookies -> valyriansafe.web.app enter image description here

Answer 1

Quote simple, ANY cookie MUST come from the domain the request-response is made You CANNOT obtain a cookie from ANY different server domain to the client!!!!! The response URL domain in the client must be the domain and path level for the cookie! See RFC 6265 https://datatracker.ietf.org/doc/html/rfc6265