Conversation

@RobinDaugherty
Member

@RobinDaugherty RobinDaugherty commented Sep 24, 2020

Fixes #476.

Since the initial Better Errors console can be opened on any path, the CSRF cookie might be set initially within a path. This would limit the visibility of the cookie, causing subsequent requests to internal Better Errors calls (which are at /__better_errors) to fail because the cookie is not available in the request.

This fixes the issue by setting the CSRF Token cookie in the root path, which will make it available to all internal Better Errors requests as well as any console that will open as the result of an error thrown within the application.

In order to reduce any problems caused by CSRF tokens set with a limited path by an older version of Better Errors, the BE version is now also part of the CSRF Token cookie name. While the cookie would expire at the end of the browser session, this will eliminate the possibility that the developer will get a CSRF error after upgrading Better Errors, restarting their server, and then hitting Refresh in the browser (which is honestly a pretty likely scenario).
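The cookie scoping the description relies on is the browser's path-match rule from RFC 6265. The following is an added example, not code from the Better Errors project: it models the default-path and path-match rules, shows that a CSRF cookie issued while the console was open under an application route is not sent with requests to /__better_errors unless the cookie carries Path=/, and builds a version-qualified cookie name. The cookie name format, the SameSite attribute and the version constant are assumptions for illustration, not the gem's actual values.

```ruby
# Added example (not Better Errors' own code): models how browsers scope
# cookies by path (RFC 6265 section 5.1.4) to show why a CSRF cookie set under a
# sub-path is not sent to /__better_errors, and why Path=/ fixes it.

require "securerandom"

# Assumed version for illustration; a real integration would read the gem version.
BETTER_ERRORS_VERSION = "2.8.2"

# RFC 6265 default-path: applied when Set-Cookie carries no Path attribute.
def default_cookie_path(request_path)
  return "/" if request_path.nil? || !request_path.start_with?("/")
  return "/" if request_path.count("/") == 1
  request_path[0...request_path.rindex("/")]
end

# RFC 6265 path-match: is a cookie scoped to cookie_path sent on request_path?
def cookie_path_matches?(request_path, cookie_path)
  return true if request_path == cookie_path
  return false unless request_path.start_with?(cookie_path)
  cookie_path.end_with?("/") || request_path[cookie_path.length] == "/"
end

# Cookie name carrying the library version (assumed format), so a stale cookie
# left by an older version with a narrow path is never mistaken for the current one.
def csrf_cookie_name(version = BETTER_ERRORS_VERSION)
  "BetterErrors-#{version}-CSRF-Token"
end

# Build a Set-Cookie header value. path: nil omits the Path attribute so the
# browser falls back to the default-path rule (the pre-fix behaviour).
# SameSite=Strict is an assumed hardening attribute, not the gem's setting.
def csrf_set_cookie(token, path: "/")
  attrs = ["#{csrf_cookie_name}=#{token}"]
  attrs << "Path=#{path}" if path
  attrs << "SameSite=Strict"
  attrs.join("; ")
end

# Will a cookie issued while the console was opened at issued_on accompany a
# later request to request_path? explicit_path: nil means no Path attribute.
def cookie_sent?(issued_on:, request_path:, explicit_path: nil)
  cookie_path = explicit_path || default_cookie_path(issued_on)
  cookie_path_matches?(request_path, cookie_path)
end

if __FILE__ == $PROGRAM_NAME
  token = SecureRandom.hex(16)
  internal = "/__better_errors/eval"
  # Console first opened on an app route, cookie set without Path: not sent.
  puts "no Path attribute: #{cookie_sent?(issued_on: "/admin/users", request_path: internal)}"
  # Same scenario with Path=/: sent to every internal request.
  puts "Path=/           : #{cookie_sent?(issued_on: "/admin/users", request_path: internal, explicit_path: "/")}"
  puts csrf_set_cookie(token)
end
```

The path-match check also shows why a narrowly scoped cookie is not merely invisible but ambiguous after an upgrade: a browser may hold two cookies with the same name but different paths, and which one it sends depends on the request URL, which is exactly the confusion the versioned cookie name avoids.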

@RobinDaugherty RobinDaugherty merged commit eae8285 into master Sep 24, 2020
@RobinDaugherty RobinDaugherty deleted the fix/csrf-token-cookie-path branch September 24, 2020 14:10
RobinDaugherty added a commit that referenced this pull request Sep 24, 2020
@MrJoy

MrJoy commented Sep 24, 2020

Awesome! Thank you so much!

@y-yagi
Contributor

y-yagi commented Sep 29, 2020

@RobinDaugherty Do you have a plan to release 2.8.2? The lib/better_errors/version.rb was already bumped with be7475b, but 2.8.2 doesn't exist in Rubygems: https://rubygems.org/gems/better_errors/versions.

@RobinDaugherty
Member Author

RobinDaugherty commented Oct 1, 2020

Very sorry @y-yagi, somehow I messed that up. It should be available through rubygems now.

@y-yagi
Contributor

y-yagi commented Oct 2, 2020

@RobinDaugherty Thank you!!


Successfully merging this pull request may close these issues.

Invalid CSRF Token error in Better Errors console