diff --git a/spring-web/src/main/java/org/springframework/http/ResponseCookie.java b/spring-web/src/main/java/org/springframework/http/ResponseCookie.java
index 7a582def77..0c448abf35 100644
--- a/spring-web/src/main/java/org/springframework/http/ResponseCookie.java
+++ b/spring-web/src/main/java/org/springframework/http/ResponseCookie.java
@@ -115,6 +115,7 @@ public final class ResponseCookie extends HttpCookie {
 	 * This limits the scope of the cookie such that it will only be attached to
 	 * same site requests if {@code "Strict"} or cross-site requests if {@code "Lax"}.
 	 * @see RFC6265 bis
+	 * @since 5.1
 	 */
 	@Nullable
 	public String getSameSite() {
@@ -235,7 +236,7 @@ public final class ResponseCookie extends HttpCookie {
 		}
 
 		@Override
-		public ResponseCookieBuilder sameSite(String sameSite) {
+		public ResponseCookieBuilder sameSite(@Nullable String sameSite) {
 			this.sameSite = sameSite;
 			return this;
 		}
@@ -295,9 +296,11 @@ public final class ResponseCookie extends HttpCookie {
 		 * This limits the scope of the cookie such that it will only be
 		 * attached to same site requests if {@code "Strict"} or cross-site
 		 * requests if {@code "Lax"}.
+		 * By default set to {@code "Strict"}.
 		 * @see RFC6265 bis
+		 * @since 5.1
 		 */
-		ResponseCookieBuilder sameSite(String sameSite);
+		ResponseCookieBuilder sameSite(@Nullable String sameSite);
 
 		/**
 		 * Create the HttpCookie.
diff --git a/spring-web/src/main/java/org/springframework/web/server/session/CookieWebSessionIdResolver.java b/spring-web/src/main/java/org/springframework/web/server/session/CookieWebSessionIdResolver.java
index 10e110d535..6a328f20a9 100644
--- a/spring-web/src/main/java/org/springframework/web/server/session/CookieWebSessionIdResolver.java
+++ b/spring-web/src/main/java/org/springframework/web/server/session/CookieWebSessionIdResolver.java
@@ -23,6 +23,7 @@ import java.util.stream.Collectors;
 
 import org.springframework.http.HttpCookie;
 import org.springframework.http.ResponseCookie;
+import org.springframework.lang.Nullable;
 import org.springframework.util.Assert;
 import org.springframework.util.MultiValueMap;
 import org.springframework.web.server.ServerWebExchange;
@@ -81,8 +82,9 @@ public class CookieWebSessionIdResolver implements WebSessionIdResolver {
 	 * Set the value for the "SameSite" attribute of the cookie that holds the
 	 * session id. For its meaning and possible values, see
 	 * {@link ResponseCookie#getSameSite()}.
-	 * By default set to {@code "Strict"}
+	 * By default set to {@code "Strict"}.
 	 * @param sameSite the SameSite value
+	 * @since 5.1
 	 */
 	public void setSameSite(String sameSite) {
 		this.sameSite = sameSite;
@@ -90,11 +92,13 @@ public class CookieWebSessionIdResolver implements WebSessionIdResolver {
 
 	/**
 	 * Return the configured "SameSite" attribute value for the session cookie.
+	 * @since 5.1
 	 */
 	public String getSameSite() {
 		return this.sameSite;
 	}
 
 
+	@Override
 	public List resolveSessionIds(ServerWebExchange exchange) {
 		MultiValueMap cookieMap = exchange.getRequest().getCookies();
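Review bot: `ResponseCookieBuilder.sameSite` now takes a `@Nullable` argument, but its Javadoc still describes only the `"Strict"` and `"Lax"` values, so a caller cannot tell from the contract what passing `null` does. Presumably a null value means no SameSite attribute is written to the Set-Cookie header — that is what `CookieWebSessionIdResolver.expireSession` now relies on — but `build()` is outside this diff, so confirm that before documenting it. I would add `@param sameSite the SameSite value, or {@code null} to omit the attribute` after the "By default" line. The same gap applies to `CookieWebSessionIdResolver.setSameSite` in the hunk at -81, whose parameter is not annotated `@Nullable` even though its value now flows into this nullable builder parameter.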
@@ -108,21 +112,26 @@ public class CookieWebSessionIdResolver implements WebSessionIdResolver {
 	@Override
 	public void setSessionId(ServerWebExchange exchange, String id) {
 		Assert.notNull(id, "'id' is required");
-		setSessionCookie(exchange, id, getCookieMaxAge(), getSameSite());
+		ResponseCookie cookie = initSessionCookie(exchange, id, getCookieMaxAge(), getSameSite());
+		exchange.getResponse().getCookies().set(this.cookieName, cookie);
 	}
 
 	@Override
 	public void expireSession(ServerWebExchange exchange) {
-		setSessionCookie(exchange, "", Duration.ofSeconds(0), "");
+		ResponseCookie cookie = initSessionCookie(exchange, "", Duration.ZERO, null);
+		exchange.getResponse().getCookies().set(this.cookieName, cookie);
 	}
 
-	private void setSessionCookie(ServerWebExchange exchange, String id, Duration maxAge, String sameSite) {
-		String name = getCookieName();
-		boolean secure = "https".equalsIgnoreCase(exchange.getRequest().getURI().getScheme());
-		String path = exchange.getRequest().getPath().contextPath().value() + "/";
-		exchange.getResponse().getCookies().set(name,
-				ResponseCookie.from(name, id).path(path)
-						.maxAge(maxAge).httpOnly(true).secure(secure).sameSite(sameSite).build());
+	private ResponseCookie initSessionCookie(
+			ServerWebExchange exchange, String id, Duration maxAge, @Nullable String sameSite) {
+
+		return ResponseCookie.from(this.cookieName, id)
+				.path(exchange.getRequest().getPath().contextPath().value() + "/")
+				.maxAge(maxAge)
+				.httpOnly(true)
+				.secure("https".equalsIgnoreCase(exchange.getRequest().getURI().getScheme()))
+				.sameSite(sameSite)
+				.build();
 	}
 
 }
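Review bot: The Secure flag in `initSessionCookie` is derived solely from `exchange.getRequest().getURI().getScheme()`, so when TLS is terminated at a proxy and the exchange still sees `http`, the session cookie is emitted without Secure; that behaviour is carried over from the removed `setSessionCookie`, but the rewrite is the natural place to make the dependency explicit. I would add above the `.secure(...)` line: `// Secure only when the exchange itself is https; behind a TLS-terminating proxy the request URI must already reflect the original scheme (forwarded headers resolved upstream)`. The new code also reads `this.cookieName` directly in three places where the removed helper went through `getCookieName()`; if that accessor is meant to be overridable — it is outside the hunk — the two are no longer equivalent. Passing `null` for SameSite in `expireSession` relies on the builder treating null as "no attribute", which `build()` (outside this diff) should be checked to do.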