id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
3979	HttpOnly flag on session id cookie	Henrik Vendelbo <info@…>	Adrian Holovaty	"Set this on the Django session id cookie.

https://bugzilla.mozilla.org/show_bug.cgi?id=178993

It will add good protection against XSS exploits on two major browsers."		closed	Contrib apps	dev		duplicate	session cookie		Unreviewed	0	0	0	0	0	0