Jetty: Set session cookies to HttpOnly in all webapps

i2psnark: Remove extra mime types in i2psnark web.xml;
added to Jetty's default by now, or in our mime.properties file

apps/susimail/src/WEB-INF/web.xml

@@ -23,6 +23,9 @@
   </servlet-mapping>
   <session-config>
     <session-timeout>1440</session-timeout>
+    <cookie-config>
+      <http-only>true</http-only>
+    </cookie-config>
   </session-config>
   <!-- tomcat (untested) -->
   <context-param>