Fixing Session Fixation
Version 0.6.0 of passport
has been released, which improves robustness against classes of session fixation attacks. Being a security enhancement, I’d advise upgrading as soon as possible. But first, let’s look at the problem and the enhancements introduced in this release in order to…