# HG changeset patch
# User Julien Cristau <julien.cristau@logilab.fr>
# Date 1435655703 -7200
# Node ID 78ba3e88a54996af6b5e75b67174263fb152fe3d
# Parent  fcba04437236a85a8934bee7d4c36015981d6ffe
set httponly on session cookie

diff -r fcba04437236 -r 78ba3e88a549 pyramid_cubicweb/session.py
--- a/pyramid_cubicweb/session.py	Tue Jun 30 11:15:54 2015 +0200
+++ b/pyramid_cubicweb/session.py	Tue Jun 30 11:15:03 2015 +0200
@@ -28,7 +28,7 @@
         path='/',
         domain=None,
         secure=False,
-        httponly=False,
+        httponly=True,
         set_on_exception=True,
         timeout=1200,
         reissue_time=120,