be a bit fault tolerant with boolean cookie attributes and check if the string value is true, also allow the serialization of httponly... unknown if it can actually be set on the client side though

Fixes #1575

Author: lukeis

java/server/src/org/openqa/selenium/remote/server/handler/AddCookie.java

@@ -62,10 +62,8 @@ protected Cookie createCookie() {
     String value = (String) rawCookie.get("value");
     String path = (String) rawCookie.get("path");
     String domain = (String) rawCookie.get("domain");
-    Boolean secure = (Boolean) rawCookie.get("secure");
-    if (secure == null) {
-        secure = false;
-    }
+    boolean secure = getBooleanFromRaw("secure");
+    boolean httpOnly = getBooleanFromRaw("httpOnly");
 
     Number expiryNum = (Number) rawCookie.get("expiry");
     Date expiry = expiryNum == null ? null : new Date(
@@ -76,9 +74,23 @@ protected Cookie createCookie() {
         .domain(domain)
         .isSecure(secure)
         .expiresOn(expiry)
+        .isHttpOnly(httpOnly)
         .build();
   }
 
+  private boolean getBooleanFromRaw(String key) {
+    if (rawCookie.containsKey(key)) {
+      Object value = rawCookie.get(key);
+      if (value instanceof Boolean) {
+        return (Boolean) value;
+      }
+      if (value instanceof String) {
+        return ((String) value).equalsIgnoreCase("true");
+      }
+    }
+    return false;
+  }
+
   @Override
   public String toString() {
     return "[add cookie: " + createCookie() + "]";