Rui Carmo
Never trust cookies. Fortunately, the fixes are way easier comparatively to the Rails YAML mess. I’ve been reading up on safe serialization, and fortunately have no code that’s vulnerable to this (I tend to do stuff that has zero user input, and yet manages to verge on the paranoid…).