Why can cookies be obtained under Second-level domain, but cannot be automatically sent back using ajax, and cookies cannot be cross-domain?

  node.js, question

Scenario recurrence process:

Machine A LAN Address:
 Machine B LAN Address:
Configure the hosts addresses of machines a and b respectively:
 Address of Configuration Machine A:> a.site.com
 Address of Configuration Machine B:> b.site.com

Machine A is the front-end js code, starts the service, and requests machine B (on behalf of the server side) on the browser.
The first address of thehttp://b.site.com:8080/login/ …At the same time, the server injected cookie.
Set cookie’s key to ‘site’, value to ‘date’, doman site.com, path to/
, and then open a new page on the browser and request on the new pagehttp://a.site.com:8080/index, which can be seen through chrome console.
The cookie was injected, but … when using ajax to interface, the cookie did not appear in the request header, and tried various methods, including get, post, asynchronous and synchronous. Finally, jsonp was used and the cookie appeared.

Bad code is as follows:

$("a").click(function(event) {
 url:  'http://b.site.com:8080/test/test.htm' ,
 type: 'post',
 dataType: 'json',
 data: {'token': 'value'},
 .done(function() {
 .fail(function() {
 .always(function() {

Good code is as follows:

function flightHandler(data) {
 // body  ...
 $("a").click(function(event) {
 type: "get",
 url:  "http://b.site.com:8080/test/test.htm" ,
 dataType: "jsonp",
 Jsonp: "callback",// passed to the request handler or page to obtain the parameter name of jsonp callback function name (generally default: callback)
 Jsonp Callback: "FlightHandler",//The name of the custom JSONP callback function defaults to the random function name automatically generated by jQuery, or you can write "?"  , jQuery will automatically process the data for you
 success: function(data){
 error: function(){

Please help the great gods to see, if you can dispel doubts, thank you very much.

WithCredentials=true, and ensure that the server allows cross-domain, please refer to cors for details.