From a66fbe2d5ecbfd9c4b7353cb18ef3e793473683b Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Wed, 16 May 2007 01:32:28 +0000
Subject: [PATCH] do not send cookie when session is passed in URL, same as it
 happens with GET/POST

---
 ext/session/session.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/ext/session/session.c b/ext/session/session.c
index 09408eb314..874bbc67d9 100644
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -1275,6 +1275,7 @@ PHPAPI void php_session_start(TSRMLS_D)
 		p += lensess + 1;
 		if ((q = strpbrk(p, "/?\\"))) {
 			PS(id) = estrndup(p, q - p);
+			PS(send_cookie) = 0;
 		}
 	}
 
-- 
2.40.0