An impending doom? Possibly. There was a thread on the Rails Core list not too long ago, titled “Cookie session security and open-source“, and they covered what seems to be an obvious security flaw. I distinctly remember following the events as it...