Cookie improvements/Endless redirect after logging out of admin dashboard

After I log out of a Commento instance hosted on a subdirectory (https://example.com/comments), I get endlessly redirected between the login page and the dashboard. The redirects stop when I delete the "commentoOwnerToken" cookie from my browser, at least until I log in and out again.

It might be because the cookie is for the domain (example.com) and the path value for the cookie is / instead of /comments (?).

Even if the path isn't causing the issue, for security reasons, path should still be set to the subdirectory in the base URL so that the cookie isn't sent to any other programs running in other subdirectories of that domain.

The cookie should also be defined as secure if the base URL starts with https:// so that nothing sensitive or authenticating is transmitted over an insecure connection. Depending on how and when the cookie is used, the HttpOnly attribute should be set to true so that the cookie is not made available to the JavaScript running on a page.

Edited by Michael Bryant
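
An added example, not part of the original report and not Commento's own code: a Go sketch that derives the cookie's `Path` and `Secure` attributes from the configured base URL, sets `HttpOnly`, and expires the cookie with the same name and path at logout. The helper names (`ownerCookie`, `expireOwnerCookie`, `pathMatches`) and the token value are assumptions made for illustration; `pathMatches` follows the cookie path-matching rule from RFC 6265 to show which request paths would receive the cookie.

```go
package main

import (
	"fmt"
	"net/http"
	"net/url"
	"strings"
)

const cookieName = "commentoOwnerToken" // cookie named in the report

// ownerCookie builds the login cookie from the instance's base URL
// (hypothetical helper): Path is the subdirectory, Secure follows the scheme.
func ownerCookie(baseURL, token string) (*http.Cookie, error) {
	u, err := url.Parse(baseURL)
	if err != nil {
		return nil, err
	}
	if (u.Scheme != "http" && u.Scheme != "https") || u.Host == "" {
		return nil, fmt.Errorf("base URL must be absolute http(s): %q", baseURL)
	}
	path := strings.TrimRight(u.Path, "/")
	if path == "" {
		path = "/" // instance hosted at the domain root
	}
	return &http.Cookie{Name: cookieName, Value: token, Path: path,
		Secure: u.Scheme == "https", HttpOnly: true}, nil
}

// expireOwnerCookie returns the logout cookie. It keeps the same Name and
// Path, because a browser only replaces a cookie when both match.
func expireOwnerCookie(c *http.Cookie) *http.Cookie {
	d := *c
	d.Value, d.MaxAge = "", -1 // MaxAge < 0 is sent as Max-Age=0 (delete now)
	return &d
}

// pathMatches reports whether a browser would send a cookie scoped to
// cookiePath on a request for requestPath (RFC 6265, section 5.1.4).
func pathMatches(cookiePath, requestPath string) bool {
	if cookiePath == requestPath {
		return true
	}
	return strings.HasPrefix(requestPath, cookiePath) &&
		(strings.HasSuffix(cookiePath, "/") || requestPath[len(cookiePath)] == '/')
}

func main() {
	c, _ := ownerCookie("https://example.com/comments", "constructed-token")
	fmt.Println(c.String(), "|", expireOwnerCookie(c).String())
}
```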