Allow users to add Partitioned attribute to session cookie

[taylorcj98]

With Chrome disabling all 3rd-party cookies in a future update (https://developers.google.com/privacy-sandbox/3pcd/prepare/prepare-for-phaseout), Kibana session cookies that are used for embedding on 3rd-party sites will no longer be valid. There needs to be a security setting to allow users to add a "Partitioned" attribute to session cookies. This will allow sites with Kibana embedded to continue to use session cookies.

Update by @legrego: Blocked on hapijs/statehood#88

[elasticmachine]

Pinging @elastic/kibana-security (Team:Security)

[legrego]

Hey @taylorcj98, thanks for raising this. We rely on Hapi / statehood to manage our cookies, and we are waiting on support upstream before we can take advantage of this.

We are watching hapijs/statehood#88, and will add support to Kibana once this is available.