Bug Report

Summary

After the patch https://bugs.php.net/bug.php?id=79699 certain session names are buggy and won't work anymore.

Current behavior

The generated cookie name doesn't necessarily match the internal session name which is a problem after the php patch.

How to reproduce

1. Install the latest PHP featuring above bugfix.
2. Set up the session for example like this:

    'session_config' => [
        'name' => 'my:session',
    ],

1. The generated cookie name is my%3Asession but the module still expects to get a cookie for my:session, which it won't get with the security patch.

Expected behavior

Special characters like : should also be escaped during initalisation, so the cookie name and session name match.