I am still a warning:

"A cookie associated with a cross-site resource at http://domain.com/ was set without the SameSite attribute. It has been blocked, as Chrome now only delivers cookies with cross-site requests if they are set with SameSite=None and Secure. You can review cookies in developer tools under"

Hi,

For first thanks for your plugin, i hope it can fix my issues.

I'm using magento 2.2.5, and I install it not using by composer, I use the manual install download you source file and past into app/code/Veriteworks/Cookiefix. After I done enable and upgrade, when visit my website it get error message that "Plugin class Veriteworks\CookieFix\Plugin\SwitchSameSite doesn't exist".

Thanks

When trying to install module using composer on Magento 2.3.4, getting below error:

Problem 1

• Conclusion: remove magento/framework 102.0.4
• Conclusion: don't install magento/framework 102.0.4
• Installation request for veriteworks/cookiefix ^2.2 -> satisfiable by veriteworks/cookiefix[2.2.0].
• Conclusion: don't install magento/framework 102.0.4
• Conclusion: don't install magento/framework 102.0.4
• veriteworks/cookiefix 2.2.0 requires magento/framework ~102.0.5||~103.0.0 -> satisfiable by magento/framework[102.0.5-p2, 103.0.0, 102.0.5].
• Can only install one of: magento/framework[103.0.0, 102.0.4].
• Can only install one of: magento/framework[102.0.5-p2, 102.0.4].
• Can only install one of: magento/framework[102.0.5, 102.0.4].
• Can only install one of: magento/framework[102.0.4, 102.0.5-p2].
• Can only install one of: magento/framework[102.0.4, 103.0.0].
• Can only install one of: magento/framework[102.0.4, 102.0.5].
• Can only install one of: magento/framework[102.0.4, 102.0.5-p2].
• Can only install one of: magento/framework[102.0.4, 103.0.0].
• Can only install one of: magento/framework[102.0.4, 102.0.5].
• Installation request for magento/framework (locked at 102.0.4) -> satisfiable by magento/framework[102.0.4].

Probably this is because of the Magento framework version in Magento 2.3.4 is 102.0.4. Can you please advise and provide a workaround for installing on Magento 2.3.4?

• Magento 2.3.5-p1
• Veriteworks_CookieFix 2.3.1
• Chrome Version 85.0.4183.102
• User cannot login

3ds payment works on Chrome as expected but it caused issue user cannot login with Chrome only.

Update: Version

I am getting the following error in my site after installing

Autoload error
Module 'Veriteworks_CookieFix' from '/var/www/lac/app/code/Veriteworks/CookieFix' has been already defined in '/var/www/lac/vendor/veriteworks/cookiefix'.

please help

Hi, Thanks for your Fix，But I still get warning from Chrome & Firefox without 'secure'。
The Chrome warning is below:
A cookie associated with a cross-site resource at http://baidu.com/ was set without the SameSite attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with SameSite=None and Secure. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.
The Firefox warning is below:
由于 Cookie “PHPSESSID”的“sameSite”属性设置为“none”，但缺少“secure”属性，此 Cookie 未来将被拒绝。若要了解“sameSite“的更多信息，请参阅：
(This cookie will be rejected in the future because the 'samesite' property of the cookie 'phpsessid' is set to 'none', but the 'secure' property is missing. To learn more about "samesite," see:)
https://developer.mozilla.org/docs/Web/HTTP/Cookies

first i would thank you for this fix , I applyed the fix for a Magento 2.1.7 site but the checkout is not working , the log has no reference for the fix ,they are using php7.1,

This module doesn't work yet for 2.4.4 since you need php 8.x support for it.

Magento 2.2.8を利用しています。

こちらのパッチ適用前の段階で、Amazonログインボタンがあるページなどで、以下のようなコンソールに警告が出ておりました。
パッチ適用後も、同様にSameSiteの警告がコンソールに出たままなのですが、その状態で正常なのでしょうか？

また、Amazonログインや、Amazon Payでの購入は正常にできることを確認しております。

Base on 3DS payments issue on new Chrome Browser could only be happened with specific payments modules and actions.
Is this possible to add the fix for specific actions, controllers.., etc.

Then it could not affect the others functions as well

It gives me folllowing error after installation

Fatal error: Uncaught Error: Call to undefined method Magento\Framework\Stdlib\Cookie\PublicCookieMetadata::setSameSite() in /var/www/html/app/code/Veriteworks/CookieFix/Plugin/SwitchSameSite.php:67 Stack trace: #0 /var/www/html/vendor/magento/framework/Interception/Interceptor.php(121): Veriteworks\CookieFix\Plugin\SwitchSameSite->beforeSetPublicCookie(Object(Magento\Framework\Stdlib\Cookie\PhpCookieManager\Interceptor), 'PHPSESSID', 'ahji1fi0bn7jsur...', Object(Magento\Framework\Stdlib\Cookie\PublicCookieMetadata)) #1 /var/www/html/vendor/magento/framework/Interception/Interceptor.php(153): Magento\Framework\Stdlib\Cookie\PhpCookieManager\Interceptor->Magento\Framework\Interception{closure}('PHPSESSID', 'ahji1fi0bn7jsur...', Object(Magento\Framework\Stdlib\Cookie\PublicCookieMetadata)) #2 /var/www/html/generated/code/Magento/Framework/Stdlib/Cookie/PhpCookieManager/Interceptor.php(26): Magento\Framework\Stdlib\Cookie\PhpCookieManager\Interceptor->___callPlugins('setPublicCookie', Array, Array) #3 /var/www/html/vendor/m in /var/www/html/app/code/Veriteworks/CookieFix/Plugin/SwitchSameSite.php on line 67

• PHP 7.4.15
• Magento 2.4.1 CE
• Veriteworks_CookieFix 3.0.0-beta1
• Chrome Version 88.0.4324.150
• Firefox 85.0.1
• Site uses HTTPS

User can login but error message displayed after redirect to customer dashboard
An unspecified error occurred. Please contact us for assistance

3ds payment works on Chrome/Firefox as expected but it caused issue with user login with Chrome/Firefox.

Further debugging yielded this stack trace

Cookie must be secure in order to use the SameSite None directive.

#0 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/veriteworks/cookiefix/Plugin/SwitchSameSite.php(67): Magento\Framework\Stdlib\Cookie\CookieMetadata->setSameSite()
#1 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/framework/Interception/Interceptor.php(121): Veriteworks\CookieFix\Plugin\SwitchSameSite->beforeSetPublicCookie()
#2 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/framework/Interception/Interceptor.php(153): Magento\Framework\Stdlib\Cookie\PhpCookieManager\Interceptor->Magento\Framework\Interception\{closure}()
#3 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/generated/code/Magento/Framework/Stdlib/Cookie/PhpCookieManager/Interceptor.php(23): Magento\Framework\Stdlib\Cookie\PhpCookieManager\Interceptor->___callPlugins()
#4 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/framework/App/PageCache/FormKey.php(74): Magento\Framework\Stdlib\Cookie\PhpCookieManager\Interceptor->setPublicCookie()
#5 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/module-page-cache/Observer/RenewFormKey.php(91): Magento\Framework\App\PageCache\FormKey->set()
#6 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/module-page-cache/Observer/RenewFormKey.php(77): Magento\PageCache\Observer\RenewFormKey->setNewFormKey()
#7 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/framework/Event/Invoker/InvokerDefault.php(88): Magento\PageCache\Observer\RenewFormKey->execute()
#8 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/framework/Event/Invoker/InvokerDefault.php(74): Magento\Framework\Event\Invoker\InvokerDefault->_callObserverMethod()
#9 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/framework/Event/Manager.php(66): Magento\Framework\Event\Invoker\InvokerDefault->dispatch()
#10 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/generated/code/Magento/Framework/Event/Manager/Proxy.php(95): Magento\Framework\Event\Manager->dispatch()
#11 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/module-customer/Model/Session.php(469): Magento\Framework\Event\Manager\Proxy->dispatch()
#12 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/module-customer/Controller/Account/LoginPost.php(192): Magento\Customer\Model\Session->setCustomerDataAsLoggedIn()
#13 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/framework/Interception/Interceptor.php(58): Magento\Customer\Controller\Account\LoginPost->execute()
#14 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/framework/Interception/Interceptor.php(138): Magento\Customer\Controller\Account\LoginPost\Interceptor->___callParent()
#15 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/module-customer/Controller/Plugin/Account.php(64): Magento\Customer\Controller\Account\LoginPost\Interceptor->Magento\Framework\Interception\{closure}()
#16 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/framework/Interception/Interceptor.php(135): Magento\Customer\Controller\Plugin\Account->aroundExecute()
#17 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/framework/App/Action/Plugin/ActionFlagNoDispatchPlugin.php(51): Magento\Customer\Controller\Account\LoginPost\Interceptor->Magento\Framework\Interception\{closure}()
#18 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/framework/Interception/Interceptor.php(135): Magento\Framework\App\Action\Plugin\ActionFlagNoDispatchPlugin->aroundExecute()
#19 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/framework/Interception/Interceptor.php(153): Magento\Customer\Controller\Account\LoginPost\Interceptor->Magento\Framework\Interception\{closure}()
#20 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/generated/code/Magento/Customer/Controller/Account/LoginPost/Interceptor.php(23): Magento\Customer\Controller\Account\LoginPost\Interceptor->___callPlugins()
#21 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/framework/App/Action/Action.php(111): Magento\Customer\Controller\Account\LoginPost\Interceptor->execute()
#22 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/framework/Interception/Interceptor.php(58): Magento\Framework\App\Action\Action->dispatch()
#23 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/framework/Interception/Interceptor.php(138): Magento\Customer\Controller\Account\LoginPost\Interceptor->___callParent()
#24 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/framework/Interception/Interceptor.php(153): Magento\Customer\Controller\Account\LoginPost\Interceptor->Magento\Framework\Interception\{closure}()
#25 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/generated/code/Magento/Customer/Controller/Account/LoginPost/Interceptor.php(32): Magento\Customer\Controller\Account\LoginPost\Interceptor->___callPlugins()
#26 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/framework/App/FrontController.php(186): Magento\Customer\Controller\Account\LoginPost\Interceptor->dispatch()
#27 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/framework/App/FrontController.php(118): Magento\Framework\App\FrontController->processRequest()
#28 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/framework/Interception/Interceptor.php(58): Magento\Framework\App\FrontController->dispatch()
#29 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/framework/Interception/Interceptor.php(138): Magento\Framework\App\FrontController\Interceptor->___callParent()
#30 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/vaimo/module-redirect/Plugin/Framework/FrontControllerPlugin.php(34): Magento\Framework\App\FrontController\Interceptor->Magento\Framework\Interception\{closure}()
#31 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/framework/Interception/Interceptor.php(135): Vaimo\Redirect\Plugin\Framework\FrontControllerPlugin->aroundDispatch()
#32 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/module-store/App/FrontController/Plugin/RequestPreprocessor.php(99): Magento\Framework\App\FrontController\Interceptor->Magento\Framework\Interception\{closure}()
#33 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/framework/Interception/Interceptor.php(135): Magento\Store\App\FrontController\Plugin\RequestPreprocessor->aroundDispatch()
#34 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/module-page-cache/Model/App/FrontController/BuiltinPlugin.php(71): Magento\Framework\App\FrontController\Interceptor->Magento\Framework\Interception\{closure}()
#35 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/framework/Interception/Interceptor.php(135): Magento\PageCache\Model\App\FrontController\BuiltinPlugin->aroundDispatch()
#36 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/framework/Interception/Interceptor.php(153): Magento\Framework\App\FrontController\Interceptor->Magento\Framework\Interception\{closure}()
#37 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/generated/code/Magento/Framework/App/FrontController/Interceptor.php(23): Magento\Framework\App\FrontController\Interceptor->___callPlugins()
#38 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/framework/App/Http.php(116): Magento\Framework\App\FrontController\Interceptor->dispatch()
#39 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/framework/Interception/Interceptor.php(58): Magento\Framework\App\Http->launch()
#40 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/framework/Interception/Interceptor.php(138): Magento\Framework\App\Http\Interceptor->___callParent()
#41 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/framework/Interception/Interceptor.php(153): Magento\Framework\App\Http\Interceptor->Magento\Framework\Interception\{closure}()
#42 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/generated/code/Magento/Framework/App/Http/Interceptor.php(23): Magento\Framework\App\Http\Interceptor->___callPlugins()
#43 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/vendor/magento/framework/App/Bootstrap.php(263): Magento\Framework\App\Http\Interceptor->launch()
#44 /opt/vaimo/deploy/x11038/2021-02-12_15-53-19/htdocs/pub/index.php(40): Magento\Framework\App\Bootstrap->run()
#45 {main}

Hi,

Thanks for creating this fix!

Im trying to get the code by using composer require. its always gives me 2.4.0 version.
The version is different .
currently the 'Veriteworks\CookieFix\Rewrite\Stdlib\Cookie\PublicCookieMetadata' class cause an compilation issue => incompatible with 'Magento\Framework\Stdlib\Cookie\CookieMetadata'

i've tried to claer composer cache..

im using Magento 2.4.1

am i missing something?

10x

Hi,

I've installed the module and have found that most of the cookies are still set as 'Lax'. I'm not sure whether this is correct or not, but it definitely affects my iframe app. When I check the header values, I see 2 values set for the same cookie.

Maybe I'm doing something wrong?

Hello

I'm trying to install but I'm getting this error

The following exception probably indicates you have misconfigured DNS resolver(s)

In CurlDownloader.php line 365:
                                                                                                                                                  
  curl error 6 while downloading https://repo.megaplaza.com/packages.json: Could not resolve host: repo.megaplaza.com; Name or service not known 

Not able to install with composer on 2.4.0. Gives below error -

Using version ^3.0 for veriteworks/cookiefix
./composer.json has been updated
Loading composer repositories with package information
Updating dependencies (including require-dev)
Your requirements could not be resolved to an installable set of packages.

Problem 1
- Conclusion: don't install veriteworks/cookiefix 3.0.1|remove magento/product-community-edition 2.4.0|install magento/framework 102.0.6-p1
- Conclusion: don't install magento/framework 102.0.6-p1
- Conclusion: don't install veriteworks/cookiefix 3.0.1|don't install magento/product-community-edition 2.4.0|install magento/framework 102.0.6-p1
- Installation request for magento/product-community-edition 2.4.0 -> satisfiable by magento/product-community-edition[2.4.0].
- Conclusion: don't install veriteworks/cookiefix 3.0.1|install magento/framework 102.0.6-p1
- Conclusion: don't install veriteworks/cookiefix 3.0.0|remove magento/framework 103.0.0|install magento/framework 102.0.6-p1
- Conclusion: don't install veriteworks/cookiefix 3.0.0|don't install magento/framework 103.0.0|install magento/framework 102.0.6-p1
- Installation request for veriteworks/cookiefix ^3.0 -> satisfiable by veriteworks/cookiefix[3.0.0, 3.0.1].
- veriteworks/cookiefix 3.0.0 requires magento/framework ~102.0.6-p1||~103.0.1 -> satisfiable by magento/framework[102.0.7, 103.0.2-p1, 103.0.2, 103.0.1-p1, 102.0.6-p1, 103.0.1].
- Can only install one of: magento/framework[102.0.7, 103.0.0].
- Can only install one of: magento/framework[103.0.2-p1, 103.0.0].
- Can only install one of: magento/framework[103.0.2, 103.0.0].
- Can only install one of: magento/framework[103.0.1-p1, 103.0.0].
- Can only install one of: magento/framework[103.0.1, 103.0.0].
- Installation request for magento/framework (locked at 103.0.0) -> satisfiable by magento/framework[103.0.0].

Installation failed, reverting ./composer.json to its original content.

We are integrating Magento 2.3.3 with a third party payment gateway and the obvious issue logged out the user once the payment is complete, during the callback. We made use of CookieFix module (thanks to you!), it resolved the issue for Chrome.

But the issue still exists on Safari and it is not reproducible on all the systems. Only one or two users. I am running the same Safari version(Version 13.1.2) as them. While it does not kick me out of Safari after payment, it kicks them out. They are logged out and taken back to the login screen. And they don't necessary have to make a payment. They have to go to the payment gateway's page and just hitting Cancel is logging them out of the site.

Your help is much appreciated!!

Didn't appear to set SameSite=None

Hello,

After installing the extension, this error appears when Customer Login is attempted.

Fatal error: Uncaught Error: Call to undefined method Magento\Framework\Stdlib\Cookie\PublicCookieMetadata::setSameSite() in /home/customer/www/mysomesite.com/public_html/app/code/Veriteworks/CookieFix/Plugin/SwitchSameSite.php:67 Stack trace: #0 /home/customer/www/mysomesite.com/public_html/vendor/magento/framework/Interception/Interceptor.php(121): Veriteworks\CookieFix\Plugin\SwitchSameSite->beforeSetPublicCookie(Object(Magento\Framework\Stdlib\Cookie\PhpCookieManager\Interceptor), 'private_content...', '07c029ee82b5d34...', Object(Magento\Framework\Stdlib\Cookie\PublicCookieMetadata)) #1 /home/customer/www/mysomesite.com/public_html/vendor/magento/framework/Interception/Interceptor.php(153): Magento\Framework\Stdlib\Cookie\PhpCookieManager\Interceptor->Magento\Framework\Interception\{closure}('private_content...', '07c029ee82b5d34...', Object(Magento\Framework\Stdlib\Cookie\PublicCookieMetadata)) #2 /home/customer/www/mysomesite.com/public_html/generated/code/Magento/Framework/Stdlib/Cookie/PhpCookieManager/In in /home/customer/www/mysomesite.com/public_html/app/code/Veriteworks/CookieFix/Plugin/SwitchSameSite.php on line 67

Magento Community 2.3.6
CookieFix latest version installed today
HTTPS is enabled

Checked on:
Mozilla Firefox: 84.0.2 (32-bit)
Microsoft Edge: Version 87.0.664.66 (Official build) (64-bit)
Chrome: Version 87.0.4280.88 (Official Build) (64-bit)

Hello

We are using 2.4.1
After installing the module and set the cookie as "None" It's still "Lax"
Please see image attached.
The site is in sub domain.

We have another site 2.4.1 with no issues.

Thank you,
Eran

Firstly, thanks for you fix, helps a lot! Before that, this iframe store was not keeping sessions alive.

But, seems like the cache is not working well, wishlist and login page is getting infinity looping and magento messages won't disappear because mage-messages cookie is not emptying value after displayed.

I'm using https, magento 2.3.2, php fpm 7.1.

error.log
Hi, Thank you for your module!
It help fixed the issue but I see an error when config "Same Site" is "None" and switch between stores.
"The store cannot be switched."

I'm using your module version 3.0.0 on magento 2.4.1.
Log file attached.
Thank you!

@HirokazuNishi can you put some light on the below plugins? are they actually needed and if I remove them what will not work?

<type name="Magento\Framework\View\Element\Js\Cookie"> <plugin name="afterGetPath" type="Veriteworks\CookieFix\Plugin\View\Element\Js\AdjustPath" sortOrder="10"/> </type> <type name="Magento\Framework\Session\Config"> <plugin name="add_samesite" type="Veriteworks\CookieFix\Plugin\Session\AddSameSite" sortOrder="10"/> </type>

It would be nice to have a system configuration to enable / disable the functionality.

This module doesn't work for Magento 2.4.7, since you need PHP 8.3 support for it.

Hi, once we install the plugin, it fixes the problem with the payment gateway but when we try to add anything to the cart, it does not add it.

I have seen that you released the fix with the 1.0.6 tag, but with magento 2.2.8 it is not compatible as the fix calls a framework class that does not exist:

Class Magento \ Framework \ Session \ SessionStartChecker does not exist

Can you fix it please?

Hi HirokazuNishi,

I have tried the module but I am still seeing cookie issues from the Google ReCaptcha functionality:

It seems to be a consent cookie issue:

After installing the module (via Manual) and configure cookie SameSite to "None"
and frontend I got an error message " Cookie must be secure in order to use the SameSite None directive."

and then I comment 2 files

1. comment line 82-86 in /vendor/magento/framework/Stdlib/Cookie/PublicCookieMetadata.php

public function setSecure($secure)
{
// if (!$secure && $this->get(self::KEY_SAME_SITE) === 'None') {
// throw new \InvalidArgumentException(
// 'Cookie must be secure in order to use the SameSite None directive.'
// );
// }
return $this->set(self::KEY_SECURE, $secure);
}

2. comment line 164-168 in /vendor/magento/framework/Stdlib/Cookie/CookieMetadata.php

public function setSameSite(string $sameSite): CookieMetadata
{
if (!array_key_exists(strtolower($sameSite), self::SAME_SITE_ALLOWED_VALUES)) {
throw new \InvalidArgumentException(
'Invalid argument provided for SameSite directive expected one of: Strict, Lax or None'
);
}
// if (!$this->getSecure() && strtolower($sameSite) === 'none') {
// throw new \InvalidArgumentException(
// 'Cookie must be secure in order to use the SameSite None directive.'
// );
// }
$sameSite = self::SAME_SITE_ALLOWED_VALUES[strtolower($sameSite)];
return $this->set(self::KEY_SAME_SITE, $sameSite);
}

and it's work!!

I know, it's not good practice. but I can work around this solution? or you have another good idea to share?