diff --git a/pystream/main.py b/pystream/main.py
index b5b836e..64e36db 100644
--- a/pystream/main.py
+++ b/pystream/main.py
@@ -37,7 +37,7 @@ async def redirect_exception_handler(request: Request,
 else:
 response = RedirectResponse(url=exception.location)
 if exception.detail:
- response.set_cookie("detail", exception.detail.upper())
+ response.set_cookie("detail", exception.detail.upper(), httponly=True, samesite="strict")
 return response
diff --git a/pystream/routers/auth.py b/pystream/routers/auth.py
index f560b6f..6964a75 100644
--- a/pystream/routers/auth.py
+++ b/pystream/routers/auth.py
@@ -71,7 +71,8 @@ async def login(request: Request) -> JSONResponse:
 value=config.static.cipher_suite.encrypt(str(auth_payload).encode("utf-8")).decode(),
 max_age=config.env.session_duration,
 expires=expiration,
- httponly=True)
+ httponly=True,
+ samesite="strict")
 if config.env.secure_session:
 cookie_kwargs["secure"] = True
 response.set_cookie(**cookie_kwargs)
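Review bot: The `detail` cookie on the added `set_cookie` line in main.py still has no `secure` attribute, while the session cookie in routers/auth.py sets `secure` whenever `config.env.secure_session` is true; the two cookies should follow the same rule so the message cookie is not emitted over plaintext in a deployment that expects HTTPS. If `config` is in scope in main.py as it is in the router, the attribute can be passed directly: `response.set_cookie("detail", exception.detail.upper(), httponly=True, samesite="strict", secure=config.env.secure_session)`. The cookie also carries no `max_age`, so a one-shot message persists for the whole browser session unless the redirect target deletes it; a short explicit lifetime would bound that, and a comment such as `# one-shot message for the redirect target; Strict keeps it off cross-site navigations` would record the intent. redirect_exception_handler begins outside the hunk.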
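Review bot: `samesite="strict"` on the session cookie in routers/auth.py means the browser withholds it on every top-level navigation that originates from another site, so a logged-in user who follows an external link (an e-mail, a bookmark service) lands on the app apparently logged out until they navigate again from within it; if that is not the intended trade-off, `samesite="lax"` still blocks the cookie on cross-site POST/fetch, which is the CSRF case that matters for a session. Whichever value is kept, the choice deserves a line next to it, e.g. `# Strict: withheld on cross-site top-level navigations as well as sub-requests`. A smaller style point is that `cookie_kwargs` is built and then conditionally patched; `"secure": config.env.secure_session` inside the literal expresses the same thing in one place, assuming `secure_session` is a bool. The enclosing `login` function begins before the hunk, so how `cookie_kwargs` is declared is not visible here.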