AngularJS creates unencrypted cookies while CakePHP expects encrypted

[jiru]

Steps to reproduce:

1. Go to /sentences/add with the new design and add a sentence.
2. A plain text contribute_lang cookie is created.

Compare with:

1. Go to /sentences/add without the new design and add a sentence.
2. An encrypted cookie contribute_lang is created.

You can check the cookie values in the developers options (Ctrl+Shift+C) in storage tab.

As a result, reading a cookie set by AngularJS from CakePHP will always return an empty string, and reading a cookie set by CakePHP from AngularJS will always return an unusable cyphertext.

A quick fix is to disable CakePHP’s cookie encryption, but we need to keep it at least for the rememberMe cookie. We do that already for the interface language cookie in AppController::beforeFilter().

I think that we overuse cookies anyway, and it can cause problems like #1908. We should consider moving them into session, or maybe user values, so that if I login from a different device/browser, I get all my "preselected" values back.