Add httponly to session cookie
Middleware to set "sessionid" (ou your session cookie) with httponly (see ["Django bug report"](http://code.djangoproject.com/ticket/3304)). To work, you need put it before "SessionMiddleware"
- cookie
- security
- httponly
Snippet List
Middleware for using HttpOnly session cookie (including monkey patching for support for Python <2.6)
A middleware to set the httponly flag on the session cookie. Including monkey patching for support for Python <2.6.
- middleware
- sessions
- httponly