Merge pull request #23631 from kbrock/CP4AIOPS-446

Add SameSite=Strict for cookies

Author: Fryguy

lib/manageiq/session/abstract_store_adapter.rb

@@ -2,12 +2,11 @@ module ManageIQ
   module Session
     class AbstractStoreAdapter
       def session_options
-        session_options = {}
+        session_options = {:same_site => :strict}
 
         if MiqEnvironment::Command.is_appliance?
           session_options[:secure]    = true unless ENV["ALLOW_INSECURE_SESSION"]
           session_options[:httponly]  = true
-          session_options[:same_site] = true
         end
 
         session_options