Delete a cookie across all possible paths

[annevk]

@yoavweiss has suggested a Delete-Cookie header, but the semantics he has in mind are not supported by this API I think. (If we ignore HttpOnly cookies, which should not be deletable through this API.)

For that we'd need something like path: "*", maybe?

If we're going ahead with a Delete-Cookie header at some point, we should have parity at the API level in my opinion.

cc @RupinMittal @bakulf @johannhof

[johannhof]

Agreed in principle on the goal of API parity.

cc @DCtheTall