What is the difference between SameSite=”Lax” and SameSite=”Strict”?
Lax allows the cookie to be sent on some cross-site requests, whereas Strict never allows the cookie to be sent on a cross-site request. The situations in which Lax cookies can be sent cross-site must satisfy both of the following: The request must be a top-level navigation. You can think of this as equivalent to … Read more