I have looked at the current Cookie Implementation in Undetow, and it seems like there is no support for the Same-Site Cookie Attribute.


See: https://scotthelme.co.uk/csrf-is-dead/


I’ll be happy to create a pull request, if someone could point me to the right classes (and test cases) where the response headers for the cookies are being set.


Best regards,