Hi,
Would it be possible to add support for HTTP-only cookies in the
Cookie/NewCookie classes (see
http://www.owasp.org/index.php/HTTPOnly)?
I understand that this extension is non-standard and does not give full
protection against XSS - but it should be trivial to implement.
Bertold