Ajax 无法跨域获取 cookie

前端代码如下

x.withCredentials =true x.open('GET', 'http://www.example.com/xxx'); x.setRequestHeader("lang", "zh"); x.Onload=function(){ console.log(x.responseText); }; x.send(); 

响应头：

Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: x-requested-with, Content-Type,Cookie, Accept, multipart/form-data, application/x-www-form-urlencoded, lang, token, os, version, time Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE Access-Control-Allow-Origin: http://192.168.0.128:8020 Cache-Control: no-cache, must-revalidate, no-cache, private Connection: close Content-Type: application/json Date: Thu, 06 Sep 2018 10:27:57 GMT Pragma: no-cache Proxy-Connection: keep-alive Server: nginx/1.13.12 Transfer-Encoding: chunked X-Content-Type-Options: nosniff X-Powered-By: PH/7.2.5 

请求头：

lang: zh Origin: http://192.168.0.128:8020 Referer: http://192.168.0.128:8020/test/new_file.html?__hbt=1536228082860 User-Agent: Mozilla/5.0 (Linux; Android 5.0; SM-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Mobile Safari/537.36 

后端是有 cookie 返回的，直接在浏览器输入接口 url 可以看到 cookie，而且后端也设置了 Access-Control-Allow-Credentials: true，可以在响应头看到，在网山查了很久，找不出是什么地方的问题，求大佬指点！