From 6e122c45b4319437892ece588625badf111069ca Mon Sep 17 00:00:00 2001
From: "Chris Ross (ASP.NET)" <chrross@microsoft.com>
Date: Mon, 29 Jan 2018 12:50:17 -0800
Subject: [PATCH] Mark cookie as non-essential. Home#2393

---
 src/Microsoft.AspNetCore.Session/SessionOptions.cs | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/Microsoft.AspNetCore.Session/SessionOptions.cs b/src/Microsoft.AspNetCore.Session/SessionOptions.cs
index 9c9856f481..4d456b0f60 100644
--- a/src/Microsoft.AspNetCore.Session/SessionOptions.cs
+++ b/src/Microsoft.AspNetCore.Session/SessionOptions.cs
@@ -22,6 +22,7 @@ namespace Microsoft.AspNetCore.Builder
         /// <see cref="CookieBuilder.Path"/> defaults to <see cref="SessionDefaults.CookiePath"/>.
         /// <see cref="CookieBuilder.SameSite"/> defaults to <see cref="SameSiteMode.Lax"/>.
         /// <see cref="CookieBuilder.HttpOnly"/> defaults to <c>true</c>
+        /// <see cref="CookieBuilder.IsEssential"/> defaults to <c>false</c>
         /// </para>
         /// </summary>
         public CookieBuilder Cookie
@@ -111,6 +112,8 @@ namespace Microsoft.AspNetCore.Builder
                 SecurePolicy = CookieSecurePolicy.None;
                 SameSite = SameSiteMode.Lax;
                 HttpOnly = true;
+                // Session is considered non-essential as it's designed for ephemeral data.
+                IsEssential = false;
             }
 
             public override TimeSpan? Expiration