diff --git a/src/portal_user.c b/src/portal_user.c
index 1fa3337..fa83785 100644
--- a/src/portal_user.c
+++ b/src/portal_user.c
@@ -173,6 +173,8 @@ portal_user_load(struct http_request *req)
 int rc = 0;
 sqlite3_stmt *res= NULL;
 sqlite3 *db = NULL;
+ char *cookie_session = NULL;
+ char *cookie_samesite = NULL;
 char *cookie = NULL;
 char *session_id = NULL;
@@ -258,10 +260,14 @@ portal_user_load(struct http_request *req)
 ht_set(hashtable, session_id, login);
 kore_log(LOG_NOTICE, "on a ajouté le sessions dans la hastable");
- cookie = set_cookie_header("session_id", '=', session_id);
+ cookie_session = set_cookie_header("session_id", '=', session_id);
+ cookie_samesite = set_cookie_header("SameSite", '=', "Strict");
+ cookie = set_cookie_header(cookie_session, ';', cookie_samesite);
 kore_log(LOG_NOTICE, "on a set le cookie dans les headers");
 kore_buf_replace_string(b, "$msg$", "BRAVO !!!", 13);
 free(session_id);
+ free(cookie_session);
+ free(cookie_samesite);
 kore_log(LOG_NOTICE, "set cookie OK");
 }
@@ -271,9 +277,12 @@ portal_user_load(struct http_request *req)
 http_response_header(req, "content-type", "text/html");
 if (cookie != NULL)
+ {
 http_response_header(req, "set-cookie", cookie);
+ free(cookie);
+ }
 d = kore_buf_release(b, &len);
-
+ http_response_header(req, "location", "/portal/bienvenue");
 http_response(req, HTTP_STATUS_FOUND, NULL, 0);
 kore_free(d);
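Review bot: The session cookie assembled in the second hunk (`cookie = set_cookie_header(cookie_session, ';', cookie_samesite);`) gains `SameSite=Strict` but still carries no `HttpOnly`, `Secure` or `Path` attribute, so the session id stays readable from page script and can be sent over plain HTTP. Assuming set_cookie_header() only joins its two strings with the separator (its body is not in this diff), formatting the whole value once would be simpler, e.g. `snprintf(buf, sizeof buf, "session_id=%s; Path=/; HttpOnly; Secure; SameSite=Strict", session_id)` with a truncation check. None of the three set_cookie_header() results is checked before use, so a failed first or second call would hand NULL to the third; a guard such as `if (cookie_session == NULL || cookie_samesite == NULL)` belongs before the combining call. Separately, the context line `kore_buf_replace_string(b, "$msg$", "BRAVO !!!", 13)` passes 13 as the length of a 9-character literal, which looks like a read past the end of the string. portal_user_load starts and ends outside the hunk.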
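Review bot: `free(cookie);` in the third hunk is only correct if http_response_header() keeps its own copy of the value and if set_cookie_header() returns memory from malloc() rather than from Kore's allocator; neither is visible in this diff, and the function already mixes `free()` and `kore_free()`. Kore's http_response_header() does appear to duplicate the string, so a short comment such as `/* http_response_header() copies the value; cookie is malloc()ed by set_cookie_header() */` would record the ownership rule for the next reader. Adding `cookie = NULL;` after the free would keep any later use of the pointer from touching freed memory. The function continues outside the hunk.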