fix: address review comments for ExpireCookie

- Add CookieSameSiteDisabled handling in ExpireCookie to not set
  SameSite attribute when explicitly disabled
- Fix documentation signature to show fiber.Res receiver instead of
  fiber.Ctx
- Add test case for CookieSameSiteDisabled to verify SameSite is not
  present in Set-Cookie header

Author: darwin808

ctx_test.go

@@ -4550,9 +4550,10 @@ func Test_Ctx_ExpireCookie(t *testing.T) {
 	t.Parallel()
 
 	testCases := []struct {
-		expectedStrs []string
-		name         string
-		cookie       Cookie
+		expectedStrs    []string
+		notExpectedStrs []string
+		name            string
+		cookie          Cookie
 	}{
 		{
 			name: "with path",
@@ -4621,6 +4622,15 @@ func Test_Ctx_ExpireCookie(t *testing.T) {
 			},
 			expectedStrs: []string{"partitioned_cookie=;", "Partitioned", "secure", "expires="},
 		},
+		{
+			name: "with SameSite Disabled (should not set SameSite)",
+			cookie: Cookie{
+				Name:     "disabled_samesite",
+				SameSite: CookieSameSiteDisabled,
+			},
+			expectedStrs:    []string{"disabled_samesite=;", "expires="},
+			notExpectedStrs: []string{"SameSite"},
+		},
 	}
 
 	for _, tc := range testCases {
@@ -4636,6 +4646,9 @@ func Test_Ctx_ExpireCookie(t *testing.T) {
 			for _, expected := range tc.expectedStrs {
 				require.Contains(t, setCookie, expected)
 			}
+			for _, notExpected := range tc.notExpectedStrs {
+				require.NotContains(t, setCookie, notExpected)
+			}
 		})
 	}
 }

docs/api/ctx.md

@@ -1777,7 +1777,7 @@ Alternatively, use `ExpireCookie` for a cleaner approach (see below).
 Expires a cookie by its cookie definition. This is useful when you need to expire a cookie that was set with a specific `Path` or `Domain`. The browser will only clear the cookie if the `Path` and `Domain` attributes match the original cookie.
 
 ```go title="Signature"
-func (c fiber.Ctx) ExpireCookie(cookie *Cookie)
+func (r fiber.Res) ExpireCookie(cookie *fiber.Cookie)
 ```
 
 ```go title="Example"

res.go

@@ -250,6 +250,8 @@ func (r *DefaultRes) ExpireCookie(cookie *Cookie) {
 		isSecure = true // SameSite=None requires Secure
 	case utils.EqualFold(cookie.SameSite, CookieSameSiteLaxMode):
 		fcookie.SetSameSite(fasthttp.CookieSameSiteLaxMode)
+	case utils.EqualFold(cookie.SameSite, CookieSameSiteDisabled):
+		// SameSite explicitly disabled: do not set SameSite attribute
 	default:
 		// No SameSite attribute set
 	}