public virtual bool AllowSetCookie(IRequest req, string cookieName)
{
if (!Config.AllowSessionCookies)
return cookieName != SessionFeature.SessionId
&& cookieName != SessionFeature.PermanentSessionId
&& cookieName != SessionFeature.SessionOptionsKey
&& cookieName != SessionFeature.XUserAuthId;
return true;
}