#http-only #cookies #shiny #webdev #security