Add options for cookie handling

[gpeipman]

It would be nice if there are options for cookies handling. Two things I can propose:

1. Option to ignore all cookies (they are often used for client-side stuff only in public sites)
2. Option to give names of cookies to ignore

Second option is specially important as currently it is not possible to use Application Insights with response caching as AI uses cookies when browser-side diagnostics are enabled. I think in this case request cookies must be just copied to response to not delete them.

[JunTaoLuo]

This could be useful. It would be another reason we need #52.

[gpeipman]

I made copy of classes in 1.1 branch to my prototype solution and commented out the check for cookie header. Application Insights started working after this.

[Tratcher]

Doesn't ResponseCaching already ignore all Set-Cookie headers?

[gpeipman]

It doesn't ignore these. It doesn't cache if this header is present.

[RehanSaeed]

#128 is related. No caching also occurs if the Authorization HTTP header is present.

My proposal is that when the Authorization HTTP header is present, the cached entry should be taken, the Authorization and Set-Cookie HTTP headers on it should be updated from the current request and the response returned. #52 would mean we could do this ourselves but I think the above should be built in to the middleware.

[aspnet-hello]

This issue was moved to dotnet/aspnetcore#2609