
Suppress CodeQL SM02373 Secure-only cookies warning

Open MihaZupan opened this issue 7 months ago • 0 comments

Suppressing as a false positive. Whether Secure is used depends on configuration (defaults to false). If you're not using HTTPS, it's still reasonable that you might want to use session affinity. The values in our case aren't specific to the user and are either a) not considered sensitive (e.g. hash-based policies), or b) are encrypted using DataProtection. The cookie names may indicate which clusters a user has previously used.

MihaZupan, May 19 '25 19:05
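
For deployments that do serve traffic over HTTPS, the Secure attribute discussed in the issue can be enabled per cluster through configuration. The fragment below is an added example, not part of the issue or the project's own code; it assumes the repository is YARP and uses its documented `SessionAffinity` configuration keys, and the cluster names and destination addresses are constructed.

```json
{
  "ReverseProxy": {
    "Clusters": {
      // Constructed cluster: HTTPS front end, affinity cookie restricted to secure transport.
      "cluster-https": {
        "SessionAffinity": {
          "Enabled": true,
          "Policy": "HashCookie",
          "Cookie": {
            "SecurePolicy": "Always",
            "HttpOnly": true,
            "SameSite": "Lax"
          }
        },
        "Destinations": {
          "d1": { "Address": "https://backend-a.example.internal/" }
        }
      },
      // Constructed cluster: no Cookie section, so the Secure setting stays at
      // the default the issue describes (not set), which plain-HTTP setups rely on.
      "cluster-http": {
        "SessionAffinity": {
          "Enabled": true,
          "Policy": "HashCookie"
        },
        "Destinations": {
          "d1": { "Address": "http://backend-b.example.internal/" }
        }
      }
    }
  }
}
```

With `SecurePolicy` set to `Always`, a client reaching the proxy over plain HTTP will not send the affinity cookie back, so this setting belongs only on clusters whose routes are served over HTTPS.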