diff --git a/config.default.ini b/config.default.ini
index 5de62140..e61fa762 100644
--- a/config.default.ini
+++ b/config.default.ini
@@ -44,7 +44,16 @@ newline=\n
 handler=Gt\Session\FileHandler
 path=phpgt/session
 name=GT
+use_trans_sid=false
 use_cookies=true
+use_only_cookies=true
+use_strict_mode=true
+cookie_lifetime=0
+cookie_path=/
+cookie_domain=
+cookie_secure=true
+cookie_httponly=true
+cookie_samesite=Lax
 [database]
 driver=sqlite
diff --git a/src/Dispatch/Dispatcher.php b/src/Dispatch/Dispatcher.php
index f24843af..7c7f1f42 100644
--- a/src/Dispatch/Dispatcher.php
+++ b/src/Dispatch/Dispatcher.php
@@ -193,9 +193,17 @@ public function __construct(
 $this->config->getString("session.name"),
 $this->config->getString("session.handler"),
 $this->config->getString("session.path"),
- $this->config->getBool("session.use_trans_sid") ?? false,
- $this->config->getBool("session.use_cookies") ?? false,
- $this->globals["_COOKIE"],
+ $this->config->getBool("session.use_trans_sid"),
+ $this->config->getBool("session.use_cookies"),
+ cookieLifetime: $this->config->getInt("session.cookie_lifetime"),
+ cookiePath: $this->config->getString("session.cookie_path"),
+ cookieDomain: $this->config->getString("session.cookie_domain"),
+ cookieSecure: $this->config->getBool("session.cookie_secure"),
+ cookieHttpOnly: $this->config->getBool("session.cookie_httponly"),
+ cookieSameSite: $this->config->getString("session.cookie_samesite"),
+ useOnlyCookies: $this->config->getBool("session.use_only_cookies"),
+ useStrictMode: $this->config->getBool("session.use_strict_mode"),
+ currentCookieArray: $this->globals["_COOKIE"],
 );
 $this->sessionInit = $sessionInit;
 $this->serviceContainer->set($sessionInit->getSession());
diff --git a/src/Init/SessionInit.php b/src/Init/SessionInit.php
index f401fd65..ffeab8e5 100644
--- a/src/Init/SessionInit.php
+++ b/src/Init/SessionInit.php
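Review bot: `cookie_secure=true` as the shipped default means the session cookie is only returned over HTTPS, so an application served over plain HTTP (typical for local development) would usually appear to start a fresh session on every request, with nothing pointing at the cause. The default is the right one for production, but the file should say so next to the key, for example `; cookie_secure: session cookie is sent over HTTPS only; set to false in a project override for plain-HTTP development`. The same comment could record that `cookie_samesite` is expected to be Lax, Strict or None, and that browsers only honour None together with `cookie_secure=true`.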
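Review bot: The two `?? false` fallbacks are removed and none of the eight new lookups has one, so a merged config that lacks a key may now fail at construction. If `getBool()`, `getInt()` or `getString()` can return null for a missing key (which the removed `??` suggests), null would reach the non-nullable `SessionInit` parameters and raise a TypeError instead of using the defaults declared on that constructor. Where a fallback is kept it should fail towards the safe value, e.g. `cookieSecure: $this->config->getBool("session.cookie_secure") ?? true,`, and likewise for `cookie_httponly`, `use_only_cookies` and `use_strict_mode`. The enclosing constructor starts and ends outside the hunk.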
@@ -9,6 +9,8 @@ class SessionInit {
 /**
 * @param array $currentCookieArray
+ * @SuppressWarnings("PHPMD.BooleanArgumentFlag")
+ * @SuppressWarnings("PHPMD.ExcessiveParameterList")
 * @SuppressWarnings("PHPMD.Superglobals")
 */
 public function __construct(
@@ -17,7 +19,15 @@ public function __construct(
 string $savePath,
 bool $useTransSid,
 bool $useCookies,
- array $currentCookieArray,
+ int $cookieLifetime = Session::DEFAULT_SESSION_LIFETIME,
+ string $cookiePath = Session::DEFAULT_COOKIE_PATH,
+ string $cookieDomain = Session::DEFAULT_SESSION_DOMAIN,
+ bool $cookieSecure = Session::DEFAULT_SESSION_SECURE,
+ bool $cookieHttpOnly = Session::DEFAULT_SESSION_HTTPONLY,
+ string $cookieSameSite = Session::DEFAULT_COOKIE_SAMESITE,
+ bool $useOnlyCookies = true,
+ bool $useStrictMode = Session::DEFAULT_STRICT_MODE,
+ array $currentCookieArray = [],
 ?SessionSetup $sessionSetup = null,
 string|Session $sessionClass = Session::class,
 ) {
@@ -30,6 +40,14 @@ public function __construct(
 "save_path" => $savePath,
 "use_trans_sid" => $useTransSid,
 "use_cookies" => $useCookies,
+ "cookie_lifetime" => $cookieLifetime,
+ "cookie_path" => $cookiePath,
+ "cookie_domain" => $cookieDomain,
+ "cookie_secure" => $cookieSecure,
+ "cookie_httponly" => $cookieHttpOnly,
+ "cookie_samesite" => $cookieSameSite,
+ "use_only_cookies" => $useOnlyCookies,
+ "use_strict_mode" => $useStrictMode,
 ];
 $sessionId = $_COOKIE[$sessionConfig["name"]] ?? null;
diff --git a/test/phpunit/Init/SessionInitTest.php b/test/phpunit/Init/SessionInitTest.php
index 763ffdb6..83a9efe4 100644
--- a/test/phpunit/Init/SessionInitTest.php
+++ b/test/phpunit/Init/SessionInitTest.php
@@ -7,6 +7,7 @@
 use GT\WebEngine\Init\SessionInit;
 use PHPUnit\Framework\Attributes\RunTestsInSeparateProcesses;
 use PHPUnit\Framework\TestCase;
+use SessionHandlerInterface;
 class SessionInitTest extends TestCase {
 private string $tmpDir;
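Review bot: Inserting the eight new optional parameters ahead of `$currentCookieArray` changes the positional order of the constructor, so any caller outside this commit that still passes the cookie array as the sixth positional argument would now hand an array to `int $cookieLifetime`. Because `$currentCookieArray` also gains the default `[]`, a caller that simply omits it gets no error either. Appending the new parameters after `$sessionClass` would keep positional callers working, if any exist. `bool $useOnlyCookies = true` is the only new default written as a literal while the others use `Session::DEFAULT_*` constants, and the docblock in the first hunk of this file gains no `@param` lines for the new options. The constructor body continues outside the hunk.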
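Review bot: `$cookieSameSite` is copied into the session config as a free-form string, and nothing visible in this hunk checks it against `$cookieSecure`. Unless `Session` validates these options itself, a typo in `cookie_samesite`, or `None` combined with `cookie_secure=false`, would only surface as a cookie the browser rejects or treats differently from what the operator intended. A guard ahead of the `$sessionConfig` array (which starts outside the hunk) would turn that into a configuration error at start-up. The accepted list below should be widened if `Session::DEFAULT_COOKIE_SAMESITE` is something else, such as an empty string.

```php
// … placed before the $sessionConfig array, which starts outside the hunk …
if(!in_array($cookieSameSite, ["Lax", "Strict", "None"], true)) {
	throw new \InvalidArgumentException(
		"session.cookie_samesite must be Lax, Strict or None"
	);
}
if($cookieSameSite === "None" && !$cookieSecure) {
	throw new \InvalidArgumentException(
		"session.cookie_samesite=None requires session.cookie_secure=true"
	);
}
```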
@@ -55,4 +56,38 @@ public function testConstruct_buildsSessionFromConfig_andRestoresCookie():void {
 $session = $sut->getSession();
 self::assertSame($idString, $session->getId());
 }
+
+ public function testConstruct_passesCookieOptionsToSession():void {
+ CapturingSession::$capturedConfig = [];
+
+ $sut = new SessionInit(
+ name: "GT",
+ handler: FileHandler::class,
+ savePath: $this->tmpDir,
+ useTransSid: false,
+ useCookies: true,
+ cookieSecure: false,
+ cookieSameSite: "Strict",
+ currentCookieArray: [],
+ sessionClass: CapturingSession::class,
+ );
+
+ self::assertInstanceOf(CapturingSession::class, $sut->getSession());
+ self::assertFalse(CapturingSession::$capturedConfig["cookie_secure"]);
+ self::assertSame("Strict", CapturingSession::$capturedConfig["cookie_samesite"]);
+ }
+}
+
+class CapturingSession extends Session {
+ /** @var array */
+ public static array $capturedConfig = [];
+
+ /** @param array $config */
+ public function __construct(
+ SessionHandlerInterface $sessionHandler,
+ iterable $config = [],
+ ?string $id = null,
+ ) {
+ self::$capturedConfig = is_array($config) ? $config : iterator_to_array($config);
+ }
 }
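Review bot: The new test pins only `cookie_secure` and `cookie_samesite`, and only for explicitly passed values, so nothing asserts what reaches `Session` when the security-relevant options are omitted. Asserting the defaults as well would catch a later regression, e.g. `self::assertTrue(CapturingSession::$capturedConfig["use_only_cookies"]);` and `self::assertSame(Session::DEFAULT_STRICT_MODE, CapturingSession::$capturedConfig["use_strict_mode"]);`. `CapturingSession::__construct` does not call the parent constructor and records into static state, which deserves a short comment on the class, such as `// Test double: records the config SessionInit passes; deliberately skips Session's own start-up`.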