Add missing cookie options when restoring a cookie

[zipleen]

I've added some missing cookie options: domain, path, expires, secure and httponly are required by some websites, otherwise the cookie is considered invalid.

The patch is pretty innocuous, but my main 2 concerns on this patch are:

• in order to get "httponly" we need to cast to ClientCookie (Cookie does not expose this)
• the cookie format was not checked to see if it's always like this, and timezone is hardcoded to GMT (I didn't check the cookie specs to see that this is always true, I just followed what Chrome was receiving / sending)

Regardless, this should improve reliability when saving / restoring cookies from jBrowser.

[hollingsworthd]

Thanks for submitting this! To me it looks totally safe to cast to ClientCookie after reading the HttpClient javadocs as all the concrete classes that implement Cookie also implement ClientCookie.

Also it looks like Firefox and Chrome both use GMT so I'm comfortable with that.

My only concern is on DateTimeFormat that class is (shockingly) not thread safe. I will change it to create a new instance each use.