I haven't found anything in the web2py documentation about setting the httponly attribute for cookies and sessions.
For sessions, there is session.secure() to set the session cookies to secure, is there a similiar method to setting the httponly option for session cookies? Also for regular cookies, the following would make the cookie secure response.cookies['mycookie']['secure'] = True So is there something similar you can do to set HttpOnly to true? --
