Make remember cookie HttpOnly

Fixes #24

src/app/views/login.py

@@ -63,7 +63,8 @@ class Login():
         session.userid = userid
         if remember:
             rememberme = self.rememberme(remember_timeout)
-            web.setcookie('remember', rememberme , remember_timeout, secure=True, samesite='Strict')
+            path = web.ctx.homepath + "/"
+            web.ctx.headers.append(('Set-Cookie', f'remember={rememberme}; Max-Age={remember_timeout}; Path={path}; Secure; HttpOnly; SameSite=Strict'))
 
     def check_rememberme(self):
         """