Add samesite handling to CookieStorage

[jclausen]

Both Chromium and Firefox have announced plans to, in future releases, reject cookies with a samesite attributes set to "None".

Currently, CookieStorage has no handling for the samesite attribute at all.

CookieStorage should be updated to default samesite to Strict and allow for a configuration and per-cookie override.

[lmajano]

I agree, acf2018 introduced this, but I am not sure if lucee supports it.

[lmajano]

Ok, seems it does
https://docs.lucee.org/reference/tags/cookie.html

[wpdebruin]

I just added a pr for samesite. Now I am reading:
CookieStorage should be updated to default samesite to Strict and allow for a configuration and per-cookie override.
Not sure if I agree on that one. If the samesite attribute is not present in cfcookie there is no default set.
I think that should be the default behaviour, to stay close to cfcookie.
If you set a samesite default in the cookiestorage config I agree you can set it on all cookies.

In my PR this is not there yet, it only sets samesite if it is an attribute in the set() function, simular to expires (which I fixed some time ago because it had a wrong default).