Configuration of the csrf cookies paths

### Preflight checklist

- [x] I could not find a solution in the existing issues, docs, nor discussions.
- [x] I agree to follow this project's [Code of Conduct](https://github.com/ory/hydra/blob/master/CODE_OF_CONDUCT.md).
- [x] I have read and am following this repository's [Contribution Guidelines](https://github.com/ory/hydra/blob/master/CONTRIBUTING.md).
- [ ] I have joined the [Ory Community Slack](https://slack.ory.sh).
- [ ] I am signed up to the [Ory Security Patch Newsletter](https://www.ory.sh/l/sign-up-newsletter).

### Ory Network Project

_No response_

### Describe your problem

We want to limit the exposure of Ory Hydras CSRF cookies.

### Describe your ideal solution

We would like to configure the `Path` part of each CSRF cookie.

Currently, the [Path](https://github.com/ory/hydra/blob/master/consent/csrf.go#L20) is not set explicitly, which exposes the cookie to all systems under that domain.
One or more configuration fields could be introduced following the solution for [configuring the session cookie path](https://github.com/ory/hydra/issues/3473).


### Workarounds or alternatives

Proxying calls to Hydra and re-writing the cookie headers to the correct values.

### Version

v25.4.0

### Additional Context

_No response_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Configuration of the csrf cookies paths #4059

Preflight checklist

Ory Network Project

Describe your problem

Describe your ideal solution

Workarounds or alternatives

Version

Additional Context

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Configuration of the csrf cookies paths #4059

Description

Preflight checklist

Ory Network Project

Describe your problem

Describe your ideal solution

Workarounds or alternatives

Version

Additional Context

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions