Hello Folks,

During the code walkthrough, I observed that everywhere the cookie path
attribute is hardcoded as root '/' using the setPath() method. This is not
the correct implementation because if the cookie path is set to the root
'/', then the cookie will be sent to all the applications under the same
domain.

Is there any best practice around this? Should it be configurable?
IMO, the cookie path should be set to the '/users/' directory. WDYT?


Thanks!

Deepak Nigam
HotWax Systems Pvt. Ltd
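
An added illustration, not part of the original message or of the project's code: the path-match rule from RFC 6265 section 5.1.4, which a browser applies when deciding whether to attach a stored cookie to a request. The request paths, application names and cookie names below are constructed for the example.

```javascript
// RFC 6265 section 5.1.4 path-match: does cookiePath cover requestPath?
function pathMatches(requestPath, cookiePath) {
  if (requestPath === cookiePath) return true;
  if (!requestPath.startsWith(cookiePath)) return false;
  // A prefix only counts when it ends on a "/" boundary.
  return cookiePath.endsWith("/") || requestPath[cookiePath.length] === "/";
}

// Constructed request paths; the application names are assumptions.
const SAMPLE_REQUESTS = [
  "/users/login",
  "/users/",
  "/users",
  "/usersadmin/home",
  "/catalog/control/main",
  "/",
];

// Constructed cookie jar for one host: name -> Path attribute.
const SAMPLE_JAR = { rootScoped: "/", usersScoped: "/users/" };

// Request paths that would receive a cookie stored with this Path.
function recipients(cookiePath, requests = SAMPLE_REQUESTS) {
  return requests.filter((p) => pathMatches(p, cookiePath));
}

// Cookie names the browser would attach to a request for requestPath.
function cookiesFor(requestPath, jar = SAMPLE_JAR) {
  return Object.keys(jar).filter((name) => pathMatches(requestPath, jar[name]));
}

// Show, per request path, which of the two cookies travels with it.
for (const path of SAMPLE_REQUESTS) {
  console.log(path.padEnd(24), "->", cookiesFor(path).join(", "));
}
```

RFC 6265 section 8.5 notes that cookies do not always provide isolation by path, since some user agents expose them through non-HTTP APIs such as `document.cookie`.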
