Problemunvalidated
A Rails cookie_store session cookie decrypted from production contains no explicit timestamp fields, so it’s unclear how Rails determines when the session should expire to prevent session replay attacks.
9dfa938e-c1f0-4f7a-8fd3-2201f646130e
A Rails cookie_store session cookie decrypted from production contains no explicit timestamp fields, so it’s unclear how Rails determines when the session should expire to prevent session replay attacks.