diff --git a/src/tests/multidomain/test_middlewares.py b/src/tests/multidomain/test_middlewares.py
index bc2ddbea40..9dbdbba01d 100644
--- a/src/tests/multidomain/test_middlewares.py
+++ b/src/tests/multidomain/test_middlewares.py
@@ -121,8 +121,9 @@ def test_with_forwarded_host(env, client):
     'Safari/534.59.10',
 ])
 def test_cookie_samesite_none(env, client, agent):
-    client.post('/mrmcd/2015/cart/add', HTTP_HOST='example.com', HTTP_USER_AGENT=agent)
-    r = client.get('/mrmcd/2015/', HTTP_HOST='example.com', HTTP_USER_AGENT=agent)
+    client.post('/mrmcd/2015/cart/add', HTTP_HOST='example.com', HTTP_USER_AGENT=agent,
+                secure=True)
+    r = client.get('/mrmcd/2015/', HTTP_HOST='example.com', HTTP_USER_AGENT=agent, secure=True)
     assert r.client.cookies['pretix_csrftoken']['samesite'] == 'None'
     assert r.client.cookies['pretix_session']['samesite'] == 'None'
 
@@ -139,6 +140,6 @@ def test_cookie_samesite_none(env, client, agent):
     'Safari/534.59.10',
 ])
 def test_cookie_samesite_none_only_on_compatible_browsers(env, client, agent):
-    client.post('/mrmcd/2015/cart/add', HTTP_HOST='example.com', HTTP_USER_AGENT=agent)
-    r = client.get('/mrmcd/2015/', HTTP_HOST='example.com', HTTP_USER_AGENT=agent)
+    client.post('/mrmcd/2015/cart/add', HTTP_HOST='example.com', HTTP_USER_AGENT=agent, secure=True)
+    r = client.get('/mrmcd/2015/', HTTP_HOST='example.com', HTTP_USER_AGENT=agent, secure=True)
     assert not r.client.cookies['pretix_csrftoken'].get('samesite')