Add SameSite (same_site) and Priority attributes to CefCookie (fixes issue #2524)

This change also restores the Chromium default values for the
SameSiteByDefaultCookies and CookiesWithoutSameSiteMustBeSecure features. See
https://www.chromium.org/updates/same-site for feature details and rollout
timeline.

libcef/browser/net_service/browser_urlrequest_impl.cc

@@ -31,6 +31,7 @@
 #include "services/network/public/cpp/shared_url_loader_factory.h"
 #include "services/network/public/cpp/simple_url_loader.h"
 #include "services/network/public/cpp/simple_url_loader_stream_consumer.h"
+#include "third_party/blink/public/mojom/loader/resource_load_info.mojom.h"
 
 namespace {
 
@@ -254,6 +255,23 @@ class CefBrowserURLRequest::Context
 
     resource_request->render_frame_id = render_frame_id;
 
+    // Behave the same as a subresource load.
+    resource_request->fetch_request_context_type =
+        static_cast<int>(blink::mojom::RequestContextType::SUBRESOURCE);
+    resource_request->resource_type =
+        static_cast<int>(blink::mojom::ResourceType::kSubResource);
+
+    // Set the origin to match the request.
+    const GURL& url = GURL(request_->GetURL().ToString());
+    resource_request->request_initiator = url::Origin::Create(url);
+
+    if (request_flags & UR_FLAG_ALLOW_STORED_CREDENTIALS) {
+      // Include SameSite cookies.
+      resource_request->attach_same_site_cookies = true;
+      resource_request->site_for_cookies =
+          net::SiteForCookies::FromOrigin(*resource_request->request_initiator);
+    }
+
     // SimpleURLLoader is picky about the body contents. Try to populate them
     // correctly below.
     auto request_body = resource_request->request_body;