SameSite Cookies

The SameSite cookie attribute limits when a browser attaches a cookie to a cross-site request, which reduces the cookie's exposure to cross-site request forgery (CSRF). Its modes are Strict, Lax and None (None requires the Secure attribute).

The mode chosen tells the browser which cross-site requests may carry the cookie:

  • Lax: a good default for most applications; the cookie is sent on same-site requests and on cross-site top-level navigations that use a safe method such as GET, but withheld from cross-site subrequests such as form POSTs, fetches and embedded resources
  • Strict: strongest; the cookie is never sent on any cross-site request, so it can break flows that arrive from another site, such as following a login link from e-mail
  • None: required for some SSO and embedded (cross-site) flows; the cookie must also be marked Secure, or browsers reject it
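The following is an added example, not code from the original page: it builds a Set-Cookie header with the SameSite attribute, rejects the one combination browsers drop (SameSite=None without Secure), and models the browser-side decision of whether a cookie is attached to a request under each mode. The model is a simplification of the SameSite rules (it ignores browser-specific exceptions) and the function and class names are the example's own.

```python
"""Added example: SameSite cookie construction and a simplified model of
when a browser attaches such a cookie. Not any browser's actual code."""

from dataclasses import dataclass

# HTTP methods the SameSite=Lax rules treat as "safe" for cross-site
# top-level navigations.
SAFE_METHODS = {"GET", "HEAD", "OPTIONS", "TRACE"}


def set_cookie_header(name, value, samesite="Lax", secure=True,
                      http_only=True, path="/"):
    """Return a Set-Cookie header value for the given attributes.

    Raises ValueError for SameSite=None without Secure, the combination
    modern browsers refuse to store.
    """
    samesite = samesite.capitalize()
    if samesite not in ("Strict", "Lax", "None"):
        raise ValueError(f"unknown SameSite mode: {samesite}")
    if samesite == "None" and not secure:
        raise ValueError("SameSite=None requires the Secure attribute")
    parts = [f"{name}={value}", f"Path={path}", f"SameSite={samesite}"]
    if secure:
        parts.append("Secure")
    if http_only:
        parts.append("HttpOnly")
    return "; ".join(parts)


@dataclass
class RequestContext:
    """Constructed description of a request as the browser sees it."""
    cross_site: bool            # initiator's site differs from the cookie's site
    top_level_navigation: bool  # link click / form navigation, not fetch/XHR/img/iframe
    method: str = "GET"


def cookie_is_sent(samesite, ctx):
    """Model whether a cookie with this SameSite mode is attached to ctx."""
    samesite = samesite.capitalize()
    if not ctx.cross_site:
        return True                  # same-site requests always carry the cookie
    if samesite == "None":
        return True                  # sent everywhere (hence Secure is mandatory)
    if samesite == "Strict":
        return False                 # never sent cross-site
    # Lax: cross-site only for top-level navigations using a safe method
    return ctx.top_level_navigation and ctx.method.upper() in SAFE_METHODS


if __name__ == "__main__":
    print(set_cookie_header("session", "abc123"))
    # Constructed request contexts that a CSRF defence cares about.
    cases = {
        "same-site fetch": RequestContext(False, False, "POST"),
        "cross-site link click": RequestContext(True, True, "GET"),
        "cross-site form POST": RequestContext(True, True, "POST"),
        "cross-site fetch/XHR": RequestContext(True, False, "POST"),
    }
    for mode in ("Strict", "Lax", "None"):
        for label, ctx in cases.items():
            print(f"{mode:6} {label:22} sent={cookie_is_sent(mode, ctx)}")
```

Running the script prints a small matrix; the row for "cross-site form POST" is the one that shows why Lax and Strict both blunt classic CSRF while None does not.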