More of a general security question - Is there a way to whitelist domains for samesite cookie restrictions? We'd like to keep

this.sessioncookie.sameSite = "secure";

but it breaks some of the session values we set between redirects in our Oauth2 flow.