If you are using CapacitorHttp, then it wouldn’t be a CORS issue as CORS doesn’t exist in native land 
Yes, it can handle setting Cookies but using Cookies are not recommended in a native app. See Capacitor iOS / Cookie Authentication / capacitor/http - #10 by dallas