diff --git a/cps/__init__.py b/cps/__init__.py
index b8e74f27..b14fb445 100644
--- a/cps/__init__.py
+++ b/cps/__init__.py
@@ -56,6 +56,12 @@ mimetypes.add_type('application/ogg', '.ogg')
 mimetypes.add_type('application/ogg', '.oga')
 
 app = Flask(__name__)
+app.config.update(
+    SESSION_COOKIE_HTTPONLY=True,
+    SESSION_COOKIE_SAMESITE='Lax',
+    REMEMBER_COOKIE_SAMESITE='Lax',
+)
+
 
 lm = LoginManager()
 lm.login_view = 'web.login'