Tags: javascript, node.js, express, cookies, webseal

HttpOnly Cookie not working when I use the domain attribute with a subdomain value


I am using ExpressJS to serve this cookie back like so:

    res.cookie('x-customer', access_token, { maxAge: 1200000, httpOnly: true, domain: 'abc.com.au', secure: true })

In my local, I am using NGINX proxy and it works fine, this response sets my cookie just fine:

  1. the Chrome Devtools > Network > Cookie tab shows Response is setting it

  2. the Chrome Devtools > Network > Headers tab shows the Response having Set-Cookie

However, as soon as I move this to TEST environment, it no longer sets the cookie:

  1. the Chrome Devtools > Network > Cookie tab does not even show Response

  2. the Chrome Devtools > Network > Headers tab has missing Response Set-Cookie

Then if I remove the domain attribute and deploy to TEST, the cookie starts to appear and Response is able to set it, but that is not the right solution because I need to specify a domain attribute so that subdomains such as site1.abc.com.au and site2.abc.com.au will be able to read the cookie.

UPDATE 1: Even if I change the domain attribute to have the exact domain as the origin, it still doesn't work; as soon as I have the domain attribute present in the cookie, it stops working in the TEST environment only.

UPDATE 2: I think the Test env uses Webseal or Isam or something like so, might it be the one blocking/dropping the cookie?

Can you please help and let me know where the issue is here?


Solution

  • The issue was with Webseal. The default settings cause the issue. They had to use

    validate-backend-domain-cookies:no
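An added example (not from the question or the answer) that reproduces the symptom offline: it builds the Set-Cookie header the Express call above produces, then applies the RFC 6265 domain-match rule that a browser applies before storing a domain cookie, and that a validating reverse proxy in front of the app is assumed here to apply to the proxy's own external hostname. The proxy hostnames are constructed, and modelling WebSEAL's check with the browser rule is an assumption.

```javascript
// Added example, not code from the question or the answer. Models why a
// Domain attribute that does not cover the hostname the client (or the
// front-end proxy) actually uses causes the cookie to be dropped.

// Approximates the header Express's res.cookie() emits for these options
// (Express also adds an Expires attribute when maxAge is set; omitted here).
function buildSetCookie(name, value, opts = {}) {
  const parts = [`${name}=${encodeURIComponent(value)}`];
  if (opts.maxAge !== undefined) parts.push(`Max-Age=${Math.floor(opts.maxAge / 1000)}`);
  if (opts.domain) parts.push(`Domain=${opts.domain}`);
  parts.push(`Path=${opts.path || '/'}`);
  if (opts.httpOnly) parts.push('HttpOnly');
  if (opts.secure) parts.push('Secure');
  return parts.join('; ');
}

// RFC 6265 section 5.1.3 domain-match: the host equals the cookie domain or
// ends with "." + domain. A leading dot on the attribute is ignored.
function domainMatches(requestHost, cookieDomain) {
  const host = requestHost.toLowerCase();
  const domain = cookieDomain.toLowerCase().replace(/^\./, '');
  return host === domain || host.endsWith('.' + domain);
}

// Extract the Domain attribute from a Set-Cookie header (null if host-only).
function cookieDomain(setCookie) {
  const m = /;\s*Domain=([^;]+)/i.exec(setCookie);
  return m ? m[1].trim() : null;
}

// Simulated validating proxy (assumed rule): host-only cookies pass through,
// domain cookies pass only when Domain covers the proxy's external hostname,
// everything else is dropped before it reaches the browser.
function filterBackendCookies(setCookies, proxyHost) {
  const kept = [], dropped = [];
  for (const sc of setCookies) {
    const d = cookieDomain(sc);
    (d === null || domainMatches(proxyHost, d) ? kept : dropped).push(sc);
  }
  return { kept, dropped };
}

const header = buildSetCookie('x-customer', 'tok',
  { maxAge: 1200000, httpOnly: true, domain: 'abc.com.au', secure: true });
// Front door is a subdomain of the cookie domain: the cookie survives.
console.log(filterBackendCookies([header], 'site1.abc.com.au').kept.length); // 1
// Front door is on a different hostname (constructed): the cookie is dropped.
console.log(filterBackendCookies([header], 'test-proxy.example.net').dropped.length); // 1
```

If the TEST front door is reached on a hostname outside abc.com.au, this is the check that fails; compare the Domain attribute with the Host header the proxy sees before changing proxy settings.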