diff --git a/server/src/http.rs b/server/src/http.rs
index cb245e7f..34b3b994 100644
--- a/server/src/http.rs
+++ b/server/src/http.rs
@@ -354,7 +354,7 @@ fn recover(req: &mut Request) -> IronResult<Response> {
 
     let v = Cookie::build(TOKEN_HEADER, token)
         .http_only(true)
-        .same_site(SameSite::None)
+        .same_site(SameSite::Strict)
         .path("/")
         .max_age(Duration::weeks(1)) // 1 week aligns with db set
         .finish();