Samesite Cookies

A cookie sent from, then we call SameSite or first party cookies. A cookie sent to, which does not match my site is called CrossSite, 3rd party cookies.

Cookies have SameSite attribute of Strict, Lax, and None.

Starting with Chrome 80, all cookies by defaults set to Lax:

Set-Cookie: name=value; SameSite=Lax

Which means any 3rd party cookie will not be sent.

Set-Cookie: name=value; SameSite=None; Secure

3rd party cookie will be sent over HTTPS connection.

chrome://flags, enable these two experiments chrome://flags/#same-site-by-default-cookies and chrome://flags/#cookies-without-same-site-must-be-secure:

Then go to your site, check console warnings. Make changes accordingly.