Secure Cookies

'session' => [
		 'name' => 'FrontendSessionPetra',
 'cookieParams' => [
 'httpOnly' => true,
 'secure' => true
 ]
 ],
 'cookies' => [
		 'cookieValidationKey' => '55842521143P0o&&YjFFPetra',
 'csrfParam' => '_backendCSRF',
 'class' => 'yii\web\Cookie',
 'httpOnly' => true,
 'secure' => true
 ],
 'request' => [
 'csrfCookie' => [
 'httpOnly' => true,
 'secure' => true
 ]
 ],
 'user' => [
 'identityClass' => 'common\models\FrontendUser',
 'enableAutoLogin' => true,
			'identityCookie' => [
 'name' => '_identity',
 'httpOnly' => true,
 'secure' => true,
 ],
 ],

Header always edit Set-Cookie ^(.*)$ "$1; HttpOnly; SameSite=Lax; Secure"