That should of course be

PerlSetVar WhatEverPath /

It is the path part of a URL. The HTML Cookie specification defines it, and this is AuthCookie's way of letting you set it.

If the request domain + path doesn't match those set in the cookie, then the browser won't send the cookie to the server.

When using cookies for non-auth purposes, there are lots of cases where you would want something more specific than / (to set a preference specific to an add at some.web.site/some/app, for example). You're right that, for auth, it's hard to imagine when you wouldn't want to just leave it as /.

...Steve
--
Steve van der Burg
Information Technology Services
London Health Sciences Centre
& St. Joseph's Health Care London
(519) 685-8500 ext 35559
--------------------------------------------------------------------------------
This information is directed in confidence solely to the person named above and may contain confidential and/or privileged material. This information may not otherwise be distributed, copied or disclosed. If you have received this e-mail in error, please notify the sender immediately via a return e-mail and destroy original message. Thank you for your cooperation.

On Mon, 27 Jul 2015 10:30:11 -0700
It's a path; see :

https://en.wikipedia.org/wiki/HTTP_cookie#Domain_and_Path

AuthCookie maintainer here.

Its the path that will be sent in the HTTP Cookie.

As already mentioned by others is the path component of the cookie.

If you set a cookie with path=/foo for example, that cookie is only
supposed to be sent by the client for urls that begin with /foo.

For example if you have a directory called /secure, and you only require
AuthCookie authentication to access urls under this directory, you might
set the path to /secure

Regards,
Michael Schout