cookie: SameSite default to Lax (IETF Incrementally Better Cookies)

cookie: Per IETF ongoing efforts for cookie incrementalism (as already released in Chrome 80, Firefox 96), set SameSite default value to Lax.

• https://datatracker.ietf.org/doc/html/draft-west-cookie-incrementalism-00
• https://mikewest.github.io/cookie-incrementalism/draft-west-cookie-incrementalism.html#section-3.1

IETF: "Incrementally Better Cookies" Expected Browser Behavior for cookies

• https://datatracker.ietf.org/doc/html/draft-west-cookie-incrementalism-00
• https://httpwg.org/http-extensions/draft-ietf-httpbis-rfc6265bis.html and draft (expires 2023)
  • Add a default enforcement value to the same-site-flag, equivalent to "SameSite=Lax":
    • https://github.com/httpwg/http-extensions/ pull/1325.

Related:

• https://mikewest.github.io/cookie-incrementalism/draft-west-cookie-incrementalism.html
• https://web.dev/samesite-cookie-recipes/
• https://github.com/GoogleChromeLabs/samesite-examples