diff --git a/web/includes/session.php b/web/includes/session.php
index 5c16eaac1..e76032577 100644
--- a/web/includes/session.php
+++ b/web/includes/session.php
@@ -30,7 +30,7 @@ function zm_session_start() {
     if ( version_compare(phpversion(), '7.3.0', '<') ) {
       session_set_cookie_params(
         $currentCookieParams['lifetime'],
-        $currentCookieParams['path'],
+        $currentCookieParams['path'].'; samesite=strict',
         $currentCookieParams['domain'],
         $currentCookieParams['secure'],
         $currentCookieParams['httponly']