Cross-Origin

SameSite=None     - send the cookie on any relevant request
SameSite=Lax      - don't send the cookie on cross-site requests (except for manually entered URLs)
SameSite=Strict   - only include cookie if the domain originating the request is the same as the cookie's domain