From 0ad4ae90c9a4071771bad58c199bfda54086b46d Mon Sep 17 00:00:00 2001
From: Jarrod Johnson
Date: Fri, 21 Oct 2016 09:56:14 -0400
Subject: [PATCH] Remove 'path' condition for session cookie

The cookie had an unnecessary limitation. path need not be specified, and it is possible for a client to request in a way that fails the criteria.
---
 confluent_server/confluent/httpapi.py | 1 -
 1 file changed, 1 deletion(-)

diff --git a/confluent_server/confluent/httpapi.py b/confluent_server/confluent/httpapi.py
index 323d55fd..a65483e8 100644
--- a/confluent_server/confluent/httpapi.py
+++ b/confluent_server/confluent/httpapi.py
@@ -290,7 +290,6 @@ def _authorize_request(env, operation):
 cookie['confluentsessionid'] = sessid
 cookie['confluentsessionid']['secure'] = 1
 cookie['confluentsessionid']['httponly'] = 1
- cookie['confluentsessionid']['path'] = '/'
 skiplog = _should_skip_authlog(env)
 if authdata:
 auditmsg = {