the Lucee admin creates some cookies using
but doesn't inherit any Application.cfc defaults for the cookie tag
This PR enables sameSite strict cookies for the Lucee admin, but currently only affects the sessionCookies (which are the most important, the other cookies don't need to be secure )
https://github.com/lucee/Lucee/pull/955
if this worked, the admin cookies could be scoped to
with
DEFAULT should be SameSite=Lax,
NONE should be SameSite=None LDEV-2993