SessionManager: Abstract forceHTTPS cookie setting
This allows CentralAuthSessionProvider to avoid doing craziness like
this all the time:
Set-Cookie: forceHTTPS=true; path=/; httponly
Set-Cookie: forceHTTPS=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; httponly
Set-Cookie: forceHTTPS=true; path=/; domain=.wikipedia.org; httponly
Set-Cookie: forceHTTPS=true; path=/; httponly
Set-Cookie: forceHTTPS=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; httponly
Set-Cookie: forceHTTPS=true; path=/; domain=.wikipedia.org; httponly
Bug: T124421
Change-Id: I7e02afd032a246df6850208c26d3447798bc0fc2