Trust generated session id on new request
Otherwise SessionManager::getSessionFromInfo() resets it to a new value
which in turn causes subsequent errors like deleting a session id cookie
on first request instead of setting it etc... Either we set the flag
idIsSafe or let the SessionInfo constructor itself generate an id for us.