diff --git a/middleware/session/README.md b/middleware/session/README.md
index 35493e32e7..2c13de035a 100644
--- a/middleware/session/README.md
+++ b/middleware/session/README.md
@@ -140,8 +140,8 @@ type Config struct {
 // Optional. Default value false.
 CookieHTTPOnly bool
 
- // Indicates if CSRF cookie is HTTP only.
- // Optional. Default value false.
+ // Sets the CSRF cookie SameSite attribute.
+ // Optional. Default value "Lax".
 CookieSameSite string
 
 // KeyGenerator generates the session key.
diff --git a/middleware/session/session.go b/middleware/session/session.go
index 99f33a50c0..c8be6625b3 100644
--- a/middleware/session/session.go
+++ b/middleware/session/session.go
@@ -202,7 +202,6 @@ func (s *Session) setSession() {
 fcookie.SetSecure(s.config.CookieSecure)
 fcookie.SetHTTPOnly(s.config.CookieHTTPOnly)
 
- // TODO Default value should be set to `strict` in fiber v3.
 switch utils.ToLower(s.config.CookieSameSite) {
 case "strict":
 fcookie.SetSameSite(fasthttp.CookieSameSiteStrictMode)