Whether the cookie should be marked as Secure. Defaults to false unless Same Site=None attribute is used.