To improve reliability of live streams (#59) on Safari.
Safari was dropping the cookie from websocket update requests.
(But it worked sometimes. I don't get why.) I saw folks on the Internet
thinking this related to HttpOnly:
* https://developer.apple.com/forums/thread/104488
* https://stackoverflow.com/q/47742807/23584
but I still see this behavior without HttpOnly. SameSite=Strict vs
SameSite=Lax appears to make a difference. Try that instead.
SameSite=Strict is pointless for us anyway as noted in a new comment.
Turning off HttpOnly would be more unfortunate security-wise.
It worked fine on my laptop with node.js v14.15.4, but not on my
new workstation with node.js v12.18.2 (as comes with Ubuntu 20.10).
It would print "Unexpected token '?'" without any clue what file the
error is in. I'm trying to fix that here:
https://github.com/facebook/create-react-app/pull/10652
