How to make csrf and cookies work inside of an iframe?

I will be having my website running in an iframe in a different website. When I do so the csrf token is not generated as the cookies are not being set.

I checked the source codes and saw that these options: “SameSite=None; Secure” are not added when shopware creates cookies. How can this be bypassed or fixed?

Extending the jquery plugin is not possible as these are done in statemanager plugin and csrf protection jquery plugin. They cannot be overwritten, can they?

That is the security behind it. If your iframe have another Host, so the Cookie does.

@brettvormkopp‍ so can it be fixed? anything else that can solve the issue that I have?