Searching for possible ways to get cookie with httpOnly enabled, I cannot find any. But then again, how do browser addons like Firebug, Add 'N Edit Cookie, etc. can get the cookies? Can't an attacker do the same?
So my question is, is it really, really impossible to get cookie of httpOnly enabled requests, using javascript?
p/s: Yes I'm aware httpOnly doesn't stop XSS attacks. I'm also aware it's futile against sniffers. Let's just focus on javascript, sort of alert(document.cookie) type / pre httpOnly era.