[HttpFoundation] Clarify behavior of session access via RequestStack to avoid auto-starting sessions

Symfony documentation states that sessions are automatically started when accessed (read/write/check), and recommends avoiding session access for anonymous users to prevent unnecessary session cookies.

However, obtaining the session via `Request::getSession()` or `RequestStack::getSession()` may throw a `SessionNotFoundException` if no session has been started yet — contradicting the suggestion to simply "avoid accessing the session".

This PR adds clarification/code handling to:
- Prevent unintended session creation when checking for session presence
- Avoid potential exceptions when attempting to retrieve a session too early
- Align with Symfony's performance recommendation for anonymous users

I might be misunderstanding the intended behavior, so if that's the case, I apologize and will happily close this PR. Just wanted to raise the concern in case it helps improve clarity.

Author: santysisi

session.rst

@@ -107,11 +107,6 @@ By default, session attributes are key-value pairs managed with the
 :class:`Symfony\\Component\\HttpFoundation\\Session\\Attribute\\AttributeBag`
 class.
 
-Sessions are automatically started whenever you read, write or even check for
-the existence of data in the session. This may hurt your application performance
-because all users will receive a session cookie. In order to prevent starting
-sessions for anonymous users, you must *completely* avoid accessing the session.
-
 .. note::
 
     Sessions will also be started when using features that rely on them internally,