Set-Cookie: session_id=sess_2002; Path=/; SameSite=Invalid; Secure; HttpOnly
Set-Cookie: csrf_token=csrf_missing_secure; Path=/; SameSite=None