Added "xhr.withCredentials = true;" so that the third party cookie is included in POST requests.
Currently cookies are missing when using POST (xhr) requests.
This fixes visitor duplication when POST gets used.
This is the same change as in https://github.com/matomo-org/matomo/pull/13159 , but this time I have included a new test.
Cheers @MichaelHeerklotz noticed a test fails on travis: https://travis-ci.org/matomo-org/matomo/jobs/523527419#L776-L776
Just fyi: Not every older (IE) browser supports
withCredentials but that shouldn't be a problem (source https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/withCredentials). It won't break anything.