set HttpOnly to false for Localization cookie in static rendering

Oqtane.Client/Themes/Controls/Theme/LanguageSwitcher.razor

@@ -56,16 +56,16 @@
                 var localizationCookieValue = CookieRequestCultureProvider.MakeCookieValue(new RequestCulture(culture));
 
                 HttpContext.Response.Cookies.Append(CookieRequestCultureProvider.DefaultCookieName, localizationCookieValue, new CookieOptions
-                    {
+                {
-                        Path = "/",
+                    Path = "/",
-                        Expires = DateTimeOffset.UtcNow.AddYears(365),
+                    Expires = DateTimeOffset.UtcNow.AddYears(365),
-                        SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Lax, // Set SameSite attribute
+                    SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Lax, // Set SameSite attribute
-                        Secure = true, // Ensure the cookie is only sent over HTTPS
+                    Secure = true, // Ensure the cookie is only sent over HTTPS
-                        HttpOnly = true // Optional: Helps mitigate XSS attacks
+                    HttpOnly = false // cookie is updated using JS Interop in Interactive render mode
-                    });
+                });
 
             }
-            NavigationManager.NavigateTo(NavigationManager.Uri.Replace($"?culture={culture}", ""), true);
+            NavigationManager.NavigateTo(NavigationManager.Uri.Replace($"?culture={culture}", ""));
         }
     }
 

Oqtane.Server/Components/App.razor

@@ -609,7 +609,7 @@
             Expires = DateTimeOffset.UtcNow.AddYears(1),
             SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Lax, // Set SameSite attribute
             Secure = true, // Ensure the cookie is only sent over HTTPS
-            HttpOnly = false // cookie is updated using JS Interop
+            HttpOnly = false // cookie is updated using JS Interop in Interactive render mode
         };
 
         Context.Response.Cookies.Append(