RSPEC-2255 has been updated. The current implementation of the rule only raises issues on code writing cookies sent to the client. It should now also raise an issue on code reading cookies sent by the client.
The resulting "Questionable Code Example" should be:
Note that the message has also been changed.