Description
Nexus 2.x does not use Shiro RememberMe services, yet Nexus 2.x still sends a cookie back to the client for most requests:
Set-Cookie: rememberMe=deleteme etc.
This cookie header should be killed - it is pointless.
NX3 does use remember me services, so this exact bug does not apply there.