SameSite issue

Hi, my browsers developer mode shows me the following

“This Set-Cookie header didn’t specify a “SameSite” attribute and was defaulted to “SameSite=Lax,” and was blocked because it came from a cross-site response which was not the response to a top-level navigation. The Set-Cookie had to have been set with “SameSite=None” to enable cross-site usage.”

According to my analysis, the problem occurs when resources from your domains (e.g. the tracking pixel / METIS API) are loaded in the frontend. The browser treats this as a cross-site request and blocks the set cookie because the Set-Cookie header does not contain an explicit “SameSite=None; Secure”.

Important points:

• I cannot adjust these header settings in the WordPress plugin or via content security policy because the set-cookie header comes directly from your server.
• Modern browsers interpret missing SameSite information as “SameSite=Lax” and then do not allow the cookie in embedded/cross-site contexts.

My request to you:

Can you check whether the cookies set by your servers for METIS / VG WORT can be adjusted in the HTTP response header as follows:

Set-Cookie: name=value; Path=/; SameSite=None; Secure

This is the only way to ensure that the cookies can be used reliably in current browsers in a cross-site scenario.

Thank you in advance! Best regards, Stefan