- Session: do not regenerate session ID when is newly created
- HttpExtension: option 'sameSiteProtection' does not change session cookie flag 'samesite'
- SessionExtension: added option handler to pass own SessionHandlerInterface (#146)
For the details you can have a look at the diff.
