This extension is part of the Rack::Protection project. Run gem install rack-protection to have it available.
- Prevented attack
-
Cookie Tossing
- Supported browsers
-
all
- More infos
- </dl>
- session_key
-
The name of the session cookie (default: ‘rack.session’)
</dl>
Does not accept HTTP requests if the HTTP_COOKIE header contains more than one session cookie. This does not protect against a cookie overflow attack.
Options: