且构网


Reading cookies from a different domain

Updated: 2021-08-06 00:11:04

You can't.


The only cookies you can read with client side JavaScript are those belonging to the host of the HTML document in which the <script> is embedded.


By setting withCredentials you can support cookies in cross-origin requests, but they are handled transparently by the browser and JS has no direct access to them (the XHR spec goes so far as to explicitly ban getAllResponseHeaders from reading cookie-related headers). The only way for a cross-origin request to get access to cookies is for the server (which you say you don't have access to) to copy the data into the body or a different response header.
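
The header filtering described above, as an added example that is not part of the original answer: a simplified JavaScript model of the Fetch-standard rules a browser applies before script can read a cross-origin response's headers. The `X-Session-Hint` header, the `example` origins and the sample response are constructed for illustration.

```javascript
// Simplified model of the Fetch-standard filtering a browser applies to a
// cross-origin response before script (XHR/fetch) can see its headers.
const FORBIDDEN = new Set(["set-cookie", "set-cookie2"]);
const SAFELISTED = new Set(["cache-control", "content-language", "content-length",
  "content-type", "expires", "last-modified", "pragma"]);

// headers: array of [name, value] pairs as sent by the server (constructed input).
// Returns null when the CORS check fails, else the headers script may read.
function scriptVisibleHeaders(headers, { origin, withCredentials }) {
  const get = (n) => {
    const h = headers.find(([k]) => k.toLowerCase() === n);
    return h ? h[1].trim() : null;
  };
  const allowOrigin = get("access-control-allow-origin");
  if (withCredentials) {
    // Credentialed requests need an exact origin match and an explicit opt-in.
    if (allowOrigin !== origin) return null;
    if (get("access-control-allow-credentials") !== "true") return null;
  } else if (allowOrigin !== "*" && allowOrigin !== origin) {
    return null;
  }
  const exposed = new Set((get("access-control-expose-headers") || "")
    .split(",").map((s) => s.trim().toLowerCase()).filter(Boolean));
  // "*" only acts as a wildcard when the request carried no credentials.
  const wildcard = !withCredentials && exposed.has("*");
  const visible = {};
  for (const [name, value] of headers) {
    const n = name.toLowerCase();
    if (FORBIDDEN.has(n)) continue; // never readable, even if "exposed"
    if (SAFELISTED.has(n) || exposed.has(n) || wildcard) visible[n] = value;
  }
  return visible;
}

// Constructed sample response from a hypothetical https://api.example server.
const sampleResponse = [
  ["Content-Type", "application/json"],
  ["Set-Cookie", "sid=abc123; Secure; HttpOnly"],
  ["X-Session-Hint", "abc123"], // hypothetical header the server copies data into
  ["Access-Control-Allow-Origin", "https://app.example"],
  ["Access-Control-Allow-Credentials", "true"],
  ["Access-Control-Expose-Headers", "X-Session-Hint, Set-Cookie"],
];
const seen = scriptVisibleHeaders(sampleResponse,
  { origin: "https://app.example", withCredentials: true });
console.log(seen); // content-type and x-session-hint only
```

Listing `Set-Cookie` in `Access-Control-Expose-Headers` has no effect; only data the server deliberately copies into another exposed header (or the body) reaches the calling script.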