I have read the post carefully, but still it is not clear for me, should I take any actions.
I cannot reproduce any problems with Chrome Canary (enabling the feature , etc). So I will not be able to prove that I did everything correctly.
Our web app authenticates with IdP using componentspace library. No logout.
We are using v3.1.0 and the framework is 4.6.2, but I have found only one cookie which looks like discribed and its name is "ASP.NET_SesionId", not "SAML_SessionId"
Should I anyway add and enable http module?
I could check the cookie value (if it changes when update), but name still confuses me