diff --git a/providers/session/session.go b/providers/session/session.go
index cf4ea83..c044ca9 100644
--- a/providers/session/session.go
+++ b/providers/session/session.go
@@ -108,11 +108,16 @@ func (this *state) funcSessionHTTP (
 result = session
 }
 cookie := &http.Cookie {
- Name: sessionIDCookieName,
- Value: result.ID().String(),
- Expires: expiration,
+ Name: sessionIDCookieName,
+ Value: result.ID().String(),
+ Expires: expiration,
+ Secure: true,
+ HttpOnly: true,
+ SameSite: http.SameSiteStrictMode,
+ Path: "/",
 }
- http.SetCookie(shttp.UnderlyingResponseWriter(res), cookie)
+ underlyingRes := shttp.UnderlyingResponseWriter(res)
+ http.SetCookie(underlyingRes, cookie)
 return result, nil
 }
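Review bot: The new `Secure: true` and `SameSite: http.SameSiteStrictMode` fields in the cookie literal are hard-coded with no comment, and both change when a browser will store or send the session cookie. With `Secure` the cookie is not kept on plain-HTTP origins, and with Strict it is withheld on top-level navigations coming from other sites, so a request arriving through an external link or redirect will presumably not match the existing session. I would state that intent above the literal, for example `// Session cookie: HTTPS only, hidden from scripts, never sent on cross-site requests (including link navigation).`, and confirm that every deployment terminates TLS at the browser-facing edge. Since the cookie is now Secure with `Path: "/"` and no Domain, the `__Host-` name prefix would be a cheap extra hardening if `sessionIDCookieName` (defined outside this hunk) can change. funcSessionHTTP begins above the hunk, so how an incoming cookie is read back and validated is not visible here.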