Session: do not regenerate session ID when is newly created

Author: dg

src/Http/Session.php

@@ -123,7 +123,9 @@ private function initialize(): void
 		// regenerate empty session
 		if (empty($nf['Time'])) {
 			$nf['Time'] = time();
-			$this->regenerateId(); // ensures that the session was created in strict mode (see use_strict_mode)
+			if ($this->request->getCookie(session_name())) { // ensures that the session was created in strict mode (see use_strict_mode)
+				$this->regenerateId();
+			}
 		}
 
 		// process meta metadata

tests/Http/Session.regenerateId().phpt

@@ -25,7 +25,7 @@ $ref = 10;
 
 $session->regenerateId();
 $newId = $session->getId();
-Assert::same($newId, $oldId); // new session is regenerated by $session->start()
+Assert::notSame($newId, $oldId);
 Assert::true(is_file($path . $newId));
 
 $ref = 20;