Corrupt Session Cookies

Okay, so typically this is not the kind of thing I post to this list as it’s more of a question, but I think core members may want to at least be aware of this.

I’m running a production app on edge build 7059 (Early June), and I haven’t made any changes recently, but all of a sudden I started getting a flood of:

CGI::Session::CookieStore::TamperedWithCookie exceptions.

Previously I had infrequently seen these from search engine spiders, but this latest batch is occurring on a seemingly random distribution of actions/browsers/remote_addrs. I have not received any complaints from users, and I haven’t been able to reproduce the error.

I’m not storing models in the session, just a handful of IDs, so the cookies should be small and robust against model changes (although as I mentioned, I haven’t pushed any updates for over a week).

I’ve really been loving the cookie-based sessions, but this is a bit disconcerting. I’m tempted to turn off exception notification for this particular exception, but the sudden flood of them is cause for concern. Given my inability to reproduce this problem I’m just wondering if anyone has experienced anything similar or has any insight into possible causes? If it keeps up Ill be forced to unleash the full debug-fu, but I foresee a major time investment.