Add flag to chrome://flags for "Cookies without SameSite must be secure"

This CL adds a flag to chrome://flags to enable "Cookies without
SameSite must be secure". When enabled, any cookies without SameSite
restrictions that do not specify the Secure attribute will be treated
as Secure (if set from a secure URL), or rejected (if set from an
insecure URL). This flag only has an effect if "SameSite by default
cookies" is also enabled.

Bug: 954551
Change-Id: Ib2f6cbdb5d6d5e39ccba16e23bd5a62e7b62cfb9
Commit-Queue: Lily Chen <>
Reviewed-by: Maks Orlovich <>
Cr-Commit-Position: refs/heads/master@{#654254}
5 files changed