We have a CSP pages script, which gets and sets a cookie for email tracking purposes, we had problems with cookies not being passed to this script when the URL was opened from an email client due to being cross-site, so I set Session Cookie Scope & User Cookie Scope to None instead of Strict.
This solved the issue with cookies not being passed, however the script entirely does not work anymore due to the error:
"Invalid CSP response cookie. SameSite cannot be set to None without Secure. : CSP Error"
Month