I believe this is the relevant firefox bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1741489

I am not a security expert on cookies, but I assume setting SameSite to None (even with Secure) is too lax of a policy?

I am using a package manager so that might not be an option since it would be overwritten frequently right?

Would light customization include support for setting a favicon? Or is there a pattern for that already?