Ajax 无法跨域获取 cookie

前端代码如下

x.withCredentials =true
x.open('GET', 'http://www.example.com/xxx');
x.setRequestHeader("lang", "zh");
x.onload=function(){
console.log(x.responseText);
};
x.send();

响应头：

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-requested-with, Content-Type,Cookie, Accept, multipart/form-data, application/x-www-form-urlencoded, lang, token, os, version, time
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: http://192.168.0.128:8020
Cache-Control: no-cache, must-revalidate, no-cache, private
Connection: close
Content-Type: application/json
Date: Thu, 06 Sep 2018 10:27:57 GMT
Pragma: no-cache
Proxy-Connection: keep-alive
Server: nginx/1.13.12
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.2.5

请求头：

lang: zh
Origin: http://192.168.0.128:8020
Referer: http://192.168.0.128:8020/test/new_file.html?__hbt=1536228082860
User-Agent: Mozilla/5.0 (Linux; Android 5.0; SM-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Mobile Safari/537.36

后端是有 cookie 返回的，直接在浏览器输入接口 url 可以看到 cookie，而且后端也设置了 Access-Control-Allow-Credentials: true，可以在响应头看到，在网山查了很久，找不出是什么地方的问题，求大佬指点！