I've observed that my express server sends a Set-Cookie header in response to every OPTIONS request made by my front-end Angular.js project.
The cookie has a new value on each of the OPTIONS requests, but is never actually stored by Chrome.
When I use passport.js to authenticate a user, the response to the POST request has the same header (again with a new cookie), but this time I can see that it is stored, and sent with subsequent requests in the Cookie header.
Which express module is doing this, and why? And why does Chrome not store the cookie?
This is more curiosity than anything, as it's not causing any problems (just caused a lot of confusion when trying to track one down).