diff --git a/py_vislib/settings/base.py b/py_vislib/settings/base.py
index c9904ea..7d5786b 100644
--- a/py_vislib/settings/base.py
+++ b/py_vislib/settings/base.py
@@ -29,7 +29,7 @@ ALLOWED_HOSTS = ['*']
 # 跨域
 # CORS_ORIGIN_ALLOW_ALL = True
-# SESSION_COOKIE_SAMESITE = None
+# SESSION_COOKIE_SAMESITE = 'strict'
 # SESSION_COOKIE_SECURE = True
 # Application definition
diff --git a/vislib/middleware.py b/vislib/middleware.py
index a1cfd9c..f746a25 100644
--- a/vislib/middleware.py
+++ b/vislib/middleware.py
@@ -4,7 +4,7 @@ from django.utils.deprecation import MiddlewareMixin
 class SameSiteMiddleware(MiddlewareMixin):
 def process_response(self, request, response):
 if 'sessionid' in response.cookies:
- response.cookies['sessionid']['samesite'] = 'None'
+ response.cookies['sessionid']['samesite'] = 'Strict'
 if 'csrftoken' in response.cookies:
- response.cookies['csrftoken']['samesite'] = 'None'
+ response.cookies['csrftoken']['samesite'] = 'Strict'
 return response
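Review bot: `SESSION_COOKIE_SAMESITE` is still commented out after this edit in `py_vislib/settings/base.py`, so the change has no runtime effect and the attribute actually sent is whatever `SameSiteMiddleware` writes. The neighbouring `SESSION_COOKIE_SECURE = True` is commented out as well, so nothing visible in this hunk sets the Secure attribute on the session cookie. If the aim is to tighten the cookies, enable the settings rather than editing the comment: `SESSION_COOKIE_SAMESITE = 'Strict'`, `CSRF_COOKIE_SAMESITE = 'Strict'` and, for HTTPS deployments, `SESSION_COOKIE_SECURE = True`. The hunk header also shows `ALLOWED_HOSTS = ['*']`, which turns off Host-header validation and is worth restricting if this base file is used outside development.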
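Review bot: The cookie names `'sessionid'` and `'csrftoken'` are hard-coded in `process_response`, so the attribute is silently skipped if `SESSION_COOKIE_NAME` or `CSRF_COOKIE_NAME` is ever changed, and the middleware can override whatever the SameSite settings say. With the value now `'Strict'`, the override looks unnecessary: Django's `SESSION_COOKIE_SAMESITE` and `CSRF_COOKIE_SAMESITE` settings express it directly, and the middleware (presumably a workaround for emitting `None`) could be removed. Before merging, confirm the front end is served from the same site; the previous `'None'` and the CORS comment in the settings suggest a cross-origin client, whose requests would arrive without the session and CSRF cookies under `Strict`. `Strict` also withholds the session cookie on top-level navigations from other sites, so `'Lax'` may be the intended value if users follow inbound links while signed in. If the middleware stays, a class docstring stating why it exists and which cookies it touches would help the next reader.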