open fun setCookieHttpOnlyFlag(httpOnly: Boolean): SessionHandler
Sets whether the 'HttpOnly' flag should be set for the session cookie. When set this flag instructs browsers to prevent Javascript access to the the cookie. Used as a line of defence against the most common XSS attacks.
httpOnly - true to set the HttpOnly flag on the cookie
Return
a reference to this, so the API can be used fluently