diff --git a/config/cookie.php b/config/cookie.php
index d3b3aab9..c19f4fde 100644
--- a/config/cookie.php
+++ b/config/cookie.php
@@ -12,9 +12,9 @@ return [
     //  cookie 启用安全传输
     'secure'    => false,
     // httponly设置
-    'httponly'  => false,
+    'httponly'  => true,
     // 是否使用 setcookie
     'setcookie' => true,
     // samesite 设置，支持 'strict' 'lax'
-    'samesite'  => '',
+    'samesite'  => 'strict',
 ];