Remy Maucherat
committed
on 26 Aug 14
Related to EAP6-257: default httponly for sso to true since it probably doesn't hurt.