cfduid samesite=lax blocked WordPress ajax request in an iframed mobile app

Hi there

I have an iframed mobile app which runs my WordPress site in a WebView environment within an iframe. The notification alert requires ajax to function, but it fails and report a Status 400 error due to cfduid has an attribute samesite=lax. This blocked the ajax request from app to my server.

How can i set samesite=None Secure in set-cookie() in Cloudflare?