diff --git a/changelog/unreleased/37442 b/changelog/unreleased/37442
new file mode 100644
index 000000000000..3c58d48a6a3b
--- /dev/null
+++ b/changelog/unreleased/37442
@@ -0,0 +1,3 @@
+Change: Use strict samesize cookie
+
+https://github.com/owncloud/core/pull/37442
diff --git a/lib/private/Session/CryptoWrapper.php b/lib/private/Session/CryptoWrapper.php
index 31b16d9fcb7d..438c58d7afcc 100644
--- a/lib/private/Session/CryptoWrapper.php
+++ b/lib/private/Session/CryptoWrapper.php
@@ -89,7 +89,21 @@ public function __construct(IConfig $config,
 			if ($webRoot === '') {
 				$webRoot = '/';
 			}
-			\setcookie(self::COOKIE_NAME, $this->passphrase, 0, $webRoot, '', $secureCookie, true);
+
+			if (\version_compare(PHP_VERSION, '7.3.0') === -1) {
+				\setcookie(self::COOKIE_NAME, $this->passphrase, 0, $webRoot, '', $secureCookie, true);
+			} else {
+				$options = [
+					"expires" => 0,
+					"path" => $webRoot,
+					"domain" => '',
+					"secure" => $secureCookie,
+					"httponly" => true,
+					"samesite" => 'strict'
+				];
+
+				\setcookie(self::COOKIE_NAME, $this->passphrase, $options);
+			}
 		}
 	}
 }
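Review bot: The PHP < 7.3 fallback in the new `if (\version_compare(PHP_VERSION, '7.3.0') === -1)` branch still sets the passphrase cookie with no SameSite attribute at all, so on those runtimes the protection this change is meant to add is silently absent. Since `setcookie()` on 7.2 rejects `;` in the path argument, the usual workaround is to emit the header directly, e.g. `\header('Set-Cookie: ' . self::COOKIE_NAME . '=' . \urlencode($this->passphrase) . '; Path=' . $webRoot . ($secureCookie ? '; Secure' : '') . '; HttpOnly; SameSite=Strict', false);` — or at minimum a comment on that branch stating that SameSite is not enforced there. This cookie presumably has to travel together with the PHP session cookie for the session to be decrypted; if `session.cookie_samesite` is not set to the same value, a cross-site top-level navigation would deliver one cookie without the other, so it is worth confirming the session cookie is configured to match. `\version_compare(PHP_VERSION, '7.3.0', '<')` reads more directly than comparing the result to -1, and the options array mixes double- and single-quoted strings where the rest of the file uses single quotes. The constructor body begins above this hunk.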