Badass! @googlechrome and @firefox are changing cookies to default to SameSite=LAX to help prevent CSRF across a large swath of the internet. groups.google.com/a/chromium…