Default cookie to /

[ambs]

Refactored PR from old @bigpresh branch.
Shouldn't hurt.

[ambs]

The alternative is this commit: 01baec5

@xsawyerx, whose do you prefer?

[xsawyerx]

What does the RFC specify?

[bigpresh]

http://tools.ietf.org/html/rfc6265#section-5.2.4 says:

If the attribute-value is empty or if the first character of the attribute-value is not %x2F ("/"):

Let cookie-path be the default-path.

http://tools.ietf.org/html/rfc6265#section-5.1.4 explains how the default-path should be calculated - but it will be based on the URL requested.

For e.g. if the cookie is being set as a result of a request for /foo/bar, the default-path for the cookie would be '/foo/bar- so it would *not* be sent in future requests for e.g./baror/foo/baz` - which is somewhat surprising behaviour for most users.

Defaulting to / makes cookies behave the way I think most people would expect it to behave in the absence of a specified path.

[ambs]

I would say that with my vote and @bigpresh one, we could just merge, but I'll be a good boy and wait for @xsawyerx 👍

[xsawyerx]

Since this is not an urgent issue, I'd rather we not rush into it.
I generally believe going by the RFC is best. In case of surprised users, we can point to it and show we're not trying to be clever. If someone is already used to the RFC, we're screwing with them, and that won't be taken fondly.

[shumphrey]

If I read D1 correctly, it defaults to '/' if not otherwise specified.
@xsawyerx have you had any more thoughts on RFC vs intuitiveness?

[xsawyerx]

Will review today. @shumphrey thanks for poking!

[ambs]

@xsawyerx, one week, so, poking again :)

[veryrusty]

Pr #121 changed the default value of Dancer2::Core::Cookie->path to be '/', which makes this Pr unnecessary. Closing :)