Figure 2From: Secure cross-domain cookies for HTTPA preflight request. >> marks headers sent to the server, <, headers received from it.Back to article page