Adding explicit Flask session cookie options to default config

[craig-rueda]

CATEGORY

Choose one

• Bug Fix
• Enhancement (new features, refinement)
• Refactor
• Add tests
• Build / Development Environment
• Documentation

SUMMARY

This will enforce a SameSite policy of Lax for session cookies served up by Superset.
(https://www.owasp.org/index.php/SameSite)
The SameSite cookie attribute attempts to solve many of the issues associated with cross origin attacks as they relate to cookies with a single option.

In this PR, I'm basically surfacing the underlying Flask options which control these options and am providing a sensible set of defaults.

REVIEWERS

@mistercrunch @dpgaspar

[codecov-io]

Codecov Report

Merging #8317 into master will increase coverage by <.01%.
The diff coverage is 100%.

@@            Coverage Diff             @@
##           master    #8317      +/-   ##
==========================================
+ Coverage   67.74%   67.75%   +<.01%     
==========================================
  Files         451      451              
  Lines       22699    22702       +3     
  Branches     2370     2370              
==========================================
+ Hits        15378    15381       +3     
  Misses       7184     7184              
  Partials      137      137

Impacted Files	Coverage Δ
superset/config.py	89% <100%> (+0.17%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 3764d43...34913cb. Read the comment docs.