Lets say
(A) - I have a website at domain name: testbuy.com
(B) - I have a separate application hosted on app.testbuy.com
(C) - I have a javascript hosted at cdnjs.com/testscript.js
When a user visits testbuy.com, it downloads the js testscript.js(C). This javascript(C) makes POST requests to app.testbuy.com (B). Lets say it sends every time the page is loaded or the user clicks on "Buy" button.
Let's say when the first request is made to app.testbuy.com, it(B) sets a cookie with SameSite attribute. On the subsequent requests, this cookie will be sent to the server.
In this context:
- Is this treated as 1P cookie? Though the javascript is downloaded from cdnjs which is not samesite.
- If I host the javascript in app.testbuy.com/js/testscript.js, Does this change the way the cookie is treated?
- How does this vary across Safari, Chrome and Firefox?
This article talks about remote resources as javascripts downloaded. Are these for javascripts downloaded from cross-origin or does it apply to satesite as well?