domain
option rules
•
The server that sends the Set-Cookie
header must be in the domain specified.
•
If no domain option is in the header, the
cookie will only be sent to the same
server.
19