ENGCOM-8927: Fix incorrect setting of the SameSite cookie param #32462

 - Merge Pull Request #32462 from ihor-sviziev/magento2:fix-incorrect-settinf-of-the-samesite-cookie-param
 - Merged commits:
   1. bc5f97e
   2. 41b935d
   3. 35570b3
   4. 753be2a

Author: magento-engcom-team

app/code/Magento/Cookie/view/base/web/js/jquery.storageapi.extended.js

@@ -16,9 +16,11 @@ define([
      * @private
      */
     function _extend(storage) {
+        var cookiesConfig = window.cookiesConfig || {};
+
         $.extend(storage, {
-            _secure: window.cookiesConfig ? window.cookiesConfig.secure : false,
-            _samesite: window.cookiesConfig ? window.cookiesConfig.samesite : 'lax',
+            _secure: !!cookiesConfig.secure,
+            _samesite: cookiesConfig.samesite ? cookiesConfig.samesite : 'lax',
 
             /**
              * Set value under name

app/code/Magento/PageCache/view/frontend/web/js/form-key-provider.js

@@ -18,13 +18,16 @@ define(function () {
             var expires,
                 secure,
                 date = new Date(),
-                isSecure = !!window.cookiesConfig && window.cookiesConfig.secure;
+                cookiesConfig = window.cookiesConfig || {},
+                isSecure = !!cookiesConfig.secure,
+                samesite = cookiesConfig.samesite || 'lax';
 
             date.setTime(date.getTime() + 86400000);
             expires = '; expires=' + date.toUTCString();
             secure = isSecure ? '; secure' : '';
+            samesite = '; samesite=' + samesite;
 
-            document.cookie = 'form_key=' + (value || '') + expires + secure + '; path=/';
+            document.cookie = 'form_key=' + (value || '') + expires + secure + '; path=/' + samesite;
         }
 
         /**

lib/web/jquery/jquery.cookie.js

@@ -47,7 +47,7 @@
                 options.path    ? '; path=' + options.path : '',
                 options.domain  ? '; domain=' + options.domain : '',
                 options.secure  ? '; secure' : '',
-                options.samesite  ? '; samesite=' + options.samesite : 'lax',
+                '; samesite=' + (options.samesite ? options.samesite : 'lax'),
             ].join(''));
         }
 

lib/web/mage/adminhtml/tools.js

@@ -267,7 +267,7 @@ var Cookie = {
 
         return null;
     },
-    write: function (cookieName, cookieValue, cookieLifeTime) {
+    write: function (cookieName, cookieValue, cookieLifeTime, samesite) {
         var expires = '';
 
         if (cookieLifeTime) {
@@ -278,7 +278,9 @@ var Cookie = {
         }
         var urlPath = '/' + BASE_URL.split('/').slice(3).join('/'); // Get relative path
 
-        document.cookie = escape(cookieName) + '=' + escape(cookieValue) + expires + '; path=' + urlPath;
+        samesite = '; samesite=' + (samesite ? samesite : 'lax');
+
+        document.cookie = escape(cookieName) + '=' + escape(cookieValue) + expires + '; path=' + urlPath + samesite;
     },
     clear: function (cookieName) {
         this.write(cookieName, '', -1);

lib/web/mage/cookies.js

@@ -76,7 +76,7 @@ define([
                 (path ? '; path=' + path : '') +
                 (domain ? '; domain=' + domain : '') +
                 (secure ? '; secure' : '') +
-                (samesite ? '; samesite=' + samesite : 'lax');
+                '; samesite=' + (samesite ? samesite : 'lax');
         };
 
         /**