Access-Control-Allow-Origin: https://example.net
Access-Control-Allow-Credentials: true
Set-Cookie: faviconCookie2=test; SameSite=None; Secure;