CookieTempDataProvider shouldn't set cookie path if PathBase is empty

[DamianEdwards]

Steps to reproduce

1. Create a default MVC app & configure it to use CookieTempDataProvider

2. Add an action method on HomeController to accept a form post that sets a temp data value and redirects back to the home page:

   public IActionResult IndexPost()
   {
       TempData["ClickMessage"] = "clicked";
       return RedirectToAction(nameof(Index));
   }

3. Add a <form> in the Views/Home/Index.cshtml view file to allow posting to the action and showing the message in temp data:

   <div>
       <form method="post" asp-action="IndexPost">
           <button type="submit">Click me!</button>
       </form>
       <p>@TempData["ClickMessage"]</p>
   </div>

4. Run the site & click the button on the home page

Expected results

The message is show under the form when the button is clicked

Actual results

The message isn't shown until manually navigating to /Home/Index

Details

This line seems wrong, I believe it shouldn't be setting the cookie Path unless PathBase is not empty, given the intent is to restrict the cookie to this logical site, and setting the cookie's Path to an empty string flows that to the browser where it appears to be interpreted as "restrict cookie to the current path only". This ends up making it impossible to use with conventional routes where the path between GET and POST is always different.

[kichalla]

a3c06b0