How do I set the session cookie's HttpOnly setting to false?
In Rails 4, you need to edit config/initializers/session_store.rb
Rails.application.config.session_store( :cookie_store, key: '_socializus_session', httponly: false,)
This is how i did it with Rails 3:
Testapp::Application.config.session_store :cookie_store, key: '_testapp_session', :domain => :all, :httponly => false
I figured this out. In /config/environment.rb
include this code:
config.action_controller.session = { :httponly => false }