I just want to share cookie setup for cross site requests (FE hosted on Firebase, BE hosted on Heroku) that I wasn't able to find anywhere, just a piece of info there and a piece of info somewhere else.
The setup is as follows:
React.js (Firebase) - fetch requests to the backend Node.js + Express (Heroku). Using cookie-session and cors. Please see the answer below. Hope it helps save your time.
This is what has worked for me:
Fetch request from React: