Handle the unlikely case where different versions of a web application are deployed with different session settings This is the fix for CVE-2015-5346