diff --git a/WebRoot/public/login.jsp b/WebRoot/public/login.jsp
index 4449eff2f6..1405d86634 100644
--- a/WebRoot/public/login.jsp
+++ b/WebRoot/public/login.jsp
@@ -153,6 +153,7 @@
 // Delete cookie
 Cookie csrfCookie = new Cookie("ZM_LOGIN_CSRF", "");
 csrfCookie.setMaxAge(0);
+ csrfCookie.setPath("/");
 response.addCookie(csrfCookie);
 pageContext.setAttribute("login_csrf", "");
@@ -188,6 +189,7 @@
 // Delete cookie
 Cookie csrfCookie = new Cookie("ZM_LOGIN_CSRF", "");
 csrfCookie.setMaxAge(0);
+ csrfCookie.setPath("/");
 response.addCookie(csrfCookie);
 pageContext.setAttribute("login_csrf", "");
@@ -386,12 +388,14 @@ if (application.getInitParameter("offlineMode") != null) {
 <%
 Cookie testCookie = new Cookie("ZM_TEST", "true");
 testCookie.setSecure(com.zimbra.cs.taglib.ZJspSession.secureAuthTokenCookie(request));
+ testCookie.setPath("/");
 response.addCookie(testCookie);
 String csrfToken = UUID.randomUUID().toString();
 Cookie csrfCookie = new Cookie("ZM_LOGIN_CSRF", csrfToken);
 csrfCookie.setSecure(com.zimbra.cs.taglib.ZJspSession.secureAuthTokenCookie(request));
 csrfCookie.setHttpOnly(true);
+ csrfCookie.setPath("/");
 response.addCookie(csrfCookie);
 pageContext.setAttribute("login_csrf", csrfToken);
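Review bot: In the delete blocks at -153 and -188, the expiring cookie now carries Path=/, so it no longer matches a ZM_LOGIN_CSRF cookie that a browser stored before this change, when no path was set and the browser derived one from the request URI. That older cookie is a session cookie (no max-age is set where it is issued at -386), so it can sit beside the new one and both values are sent; which of them the server-side comparison reads is not visible in this diff. If that matters during rollout, also expire the cookie at the legacy path, and add a comment on the new line such as `// must equal the path used when ZM_LOGIN_CSRF is issued, otherwise the browser keeps the cookie`. The surrounding scriptlet starts and ends outside both hunks.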
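Review bot: The path literal `"/"` on the two added lines at -386 has to stay identical to the one in the delete blocks at -153 and -188, and nothing ties the four copies together; a shared constant, e.g. `private static final String LOGIN_COOKIE_PATH = "/";` in a JSP declaration, would keep them from drifting apart. Path=/ also widens ZM_LOGIN_CSRF from the login page's directory to every request on the host. HttpOnly is set and Secure depends on secureAuthTokenCookie(request), but no SameSite attribute appears in the visible lines, so a short comment recording why host-wide scope is required would help the next reviewer. The scriptlet continues past the end of the hunk.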