Cookie appears to have a bug for domain with `www` inside it

[konklone]

From this commit/comment:

I see .replace('www.','') in a few places, regarding the cookie domain. It doesn't look like it guarantees that www. begins at the start of the string, so a site whose subdomain had a level which ended in www, e.g. site-www.example.gov would be broken and the cookie would not stick.

[konklone]

A note that this is still the case in 2.0:

• https://github.com/GSA/DAP-Gov-wide-GA-Code/blob/master/Universal-Federated-Analytics.js#L38
• https://github.com/GSA/DAP-Gov-wide-GA-Code/blob/master/Universal-Federated-Analytics.js#L86
• https://github.com/GSA/DAP-Gov-wide-GA-Code/blob/master/Universal-Federated-Analytics.js#L91
• https://github.com/GSA/DAP-Gov-wide-GA-Code/blob/master/Universal-Federated-Analytics.js#L588

Note that I haven't empirically tested this and isolated any issues. However, I strongly suspect this needs a tightened regex in order to prevent bugs on subdomains that aren't www, but incorporate www in them.

[tdlowden]

Marked for review with v3.1