# Cookie tampering detected: HMAC signature verification of the session cookie failed

- **ID:** `security/cookie-tampering-hmac-signature`
- **Domain:** security
- **Category:** auth_error
- **Error code:** `SEC-3001`
- **Verification level:** ai_generated
- **Fix rate:** 85%

## Root cause

The session cookie's HMAC signature does not match the signature recomputed from the cookie data, indicating that the cookie was modified on the client side or by an attacker.

## Version compatibility

| Version | Status | Introduced | Deprecated |
|------|------|------|------|
| Express.js 4.18 | active | — | — |
| Flask 2.3 | active | — | — |
| Django 4.2 | active | — | — |
| ASP.NET Core 7.0 | active | — | — |

## Solutions

1. Rotate the secret key and force all users to re-authenticate by clearing the session stores. For Express.js: `app.use(session({ secret: 'new-secret', resave: false, saveUninitialized: true }))`
2. Implement cookie integrity monitoring: log and alert on signature failures, then invalidate the session immediately. Example: in Flask, catch `BadSignature` from `itsdangerous` and redirect to login.
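Signing and verification of a session cookie as described in the two steps above, written as an added example (not this page's code and not the code of any of the frameworks listed): HMAC-SHA256 over the encoded payload, constant-time comparison, a logged `SEC-3001` event on every failure, and a non-raising `load_session` wrapper that plays the role of the Flask `BadSignature` handler. The list of accepted keys is an assumption added here so a rotated secret can be phased in instead of causing the mass logout mentioned under failed attempts.

```python
import base64
import binascii
import hashlib
import hmac
import logging

log = logging.getLogger("cookie-integrity")

# Constructed demo keys: current key first, then a previous key still accepted
# during a short rotation window (an assumption added here, not from the page).
SECRET_KEYS = [b"constructed-current-secret", b"constructed-previous-secret"]

class BadSignature(Exception):
    """No accepted key reproduces the cookie's HMAC; treat as tampering."""

def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign_cookie(payload: bytes, key: bytes) -> str:
    """Build `<payload>.<sig>` where sig = HMAC-SHA256(key, encoded payload)."""
    body = _b64(payload)
    mac = hmac.new(key, body.encode("ascii"), hashlib.sha256).digest()
    return f"{body}.{_b64(mac)}"

def verify_cookie(cookie: str, keys=SECRET_KEYS) -> bytes:
    """Return the payload if the signature matches an accepted key, else raise.
    compare_digest keeps the check constant-time; every failure is logged with
    the page's error code so signature failures can be alerted on."""
    try:
        body, sig = cookie.rsplit(".", 1)
        body_bytes, given = body.encode("ascii"), _unb64(sig)
    except (ValueError, binascii.Error):
        log.warning("SEC-3001 malformed session cookie rejected")
        raise BadSignature("malformed cookie")
    for key in keys:
        expected = hmac.new(key, body_bytes, hashlib.sha256).digest()
        if hmac.compare_digest(expected, given):
            return _unb64(body)
    log.warning("SEC-3001 session cookie signature mismatch; session invalidated")
    raise BadSignature("signature mismatch")

def load_session(cookie: str, keys=SECRET_KEYS):
    """Handler-side shape: payload on success, None when the caller should drop the session and redirect to login."""
    try:
        return verify_cookie(cookie, keys)
    except BadSignature:
        return None
```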

## Failed attempts

- Regenerating the secret key without invalidating existing sessions causes all current sessions to fail, leading to a mass logout, but does not fix the root cause of the tampering. (40% failure rate)
- Disabling signature validation entirely in development to bypass the error leaves the application vulnerable in production. (50% failure rate)
- Some attempt to use a weaker hash algorithm such as MD5 to 'fix' performance, but this reduces security and may still fail if the signature format changes. (10% failure rate)
