Which browsers do support HttpOnly cookies, and since which version?
Please see http://www.codinghorror.com/blog/archives/001167.html for a discussion of HttpOnly cookies and XSS-prevention.
Feel free to add to this list:
Up to date results can be found here:
http://www.browserscope.org/?category=security
(linked from the OWASP article mentioned above)
None of the links above offer a real compatibility table (OWASP page seems broken). Here is the link of :
Cookie (and HttpOnly) browser compatibility table from Mozilla
All major browsers support HttpOnly.