diff --git a/application/src/main/java/run/halo/app/infra/webfilter/LocaleChangeWebFilter.java b/application/src/main/java/run/halo/app/infra/webfilter/LocaleChangeWebFilter.java
index 1da379c13e..d4bd8e661f 100644
--- a/application/src/main/java/run/halo/app/infra/webfilter/LocaleChangeWebFilter.java
+++ b/application/src/main/java/run/halo/app/infra/webfilter/LocaleChangeWebFilter.java
@@ -45,15 +45,19 @@ public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
                     .getFirst(LANGUAGE_PARAMETER_NAME);
                 if (StringUtils.hasText(language)) {
                     var locale = Locale.forLanguageTag(language);
-                    exchange.getResponse()
-                        .addCookie(ResponseCookie.from(LANGUAGE_COOKIE_NAME, locale.toLanguageTag())
-                            .path("/")
-                            .secure(true)
-                            .build()
-                        );
+                    setLanguageCookie(exchange, locale);
                 }
             })
             .then(Mono.defer(() -> chain.filter(exchange)));
     }
 
+    void setLanguageCookie(ServerWebExchange exchange, Locale locale) {
+        var cookie = ResponseCookie.from(LANGUAGE_COOKIE_NAME, locale.toLanguageTag())
+            .path("/")
+            .httpOnly(true)
+            .secure("https".equalsIgnoreCase(exchange.getRequest().getURI().getScheme()))
+            .sameSite("Lax")
+            .build();
+        exchange.getResponse().getCookies().set(LANGUAGE_COOKIE_NAME, cookie);
+    }
 }