diff -Naurp php-7.0.2RC1/php.ini-development php-7.0.2RC1.oden/php.ini-development --- php-7.0.2RC1/php.ini-development 2015-12-26 07:51:56.869130228 +0100 +++ php-7.0.2RC1.oden/php.ini-development 2015-12-26 07:52:34.537420491 +0100 @@ -1267,6 +1267,11 @@ session.use_cookies = 1 ; http://php.net/session.use-only-cookies session.use_only_cookies = 1 +; This option forces new session ID when browser supplied uninitialized session +; ID. By enabling this option, module prevents session fixation based on adoption. +; http://php.net/session.use-strict-mode +session.use_strict_mode = 0 + ; Name of the session (used as cookie name). ; http://php.net/session.name session.name = PHPSESSID diff -Naurp php-7.0.2RC1/php.ini-production php-7.0.2RC1.oden/php.ini-production --- php-7.0.2RC1/php.ini-production 2015-12-26 07:51:56.869130228 +0100 +++ php-7.0.2RC1.oden/php.ini-production 2015-12-26 07:52:34.537420491 +0100 @@ -1267,6 +1267,11 @@ session.use_cookies = 1 ; http://php.net/session.use-only-cookies session.use_only_cookies = 1 +; This option forces new session ID when browser supplied uninitialized session +; ID. By enabling this option, module prevents session fixation based on adoption. +; http://php.net/session.use-strict-mode +session.use_strict_mode = 0 + ; Name of the session (used as cookie name). ; http://php.net/session.name session.name = PHPSESSID