[TobbenTM]

You don’t open up for CSRF attacks if you use same site cookies, which I guess is part of why this pattern is seeing more use now.