How do I set the session cookie's HttpOnly setting to false?

Question

In Ruby on Rails, how do I set the session cookie's httpOnly setting to false?

Answer 1

In Rails 4, you need to edit config/initializers/session_store.rb

Rails.application.config.session_store(
  :cookie_store,
  key: '_socializus_session',
  httponly: false,
)

Answer 2

This is how i did it with Rails 3:

Testapp::Application.config.session_store :cookie_store, key: '_testapp_session', :domain => :all, :httponly => false