# File lib/action_controller/session/abstract_store.rb, line 175
      def call(env)
        prepare!(env)
        response = @app.call(env)

        session_data = env[ENV_SESSION_KEY]
        options = env[ENV_SESSION_OPTIONS_KEY]

        if !session_data.is_a?(AbstractStore::SessionHash) || session_data.loaded? || options[:expire_after]
          request = ActionController::Request.new(env)

          return response if (options[:secure] && !request.ssl?)
        
          session_data.send(:load!) if session_data.is_a?(AbstractStore::SessionHash) && !session_data.loaded?

          sid = options[:id] || generate_sid

          unless set_session(env, sid, session_data.to_hash)
            return response
          end

          request_cookies = env["rack.request.cookie_hash"]

          if (request_cookies.nil? || request_cookies[@key] != sid) || options[:expire_after]
            cookie = Rack::Utils.escape(@key) + '=' + Rack::Utils.escape(sid)
            cookie << "; domain=#{options[:domain]}" if options[:domain]
            cookie << "; path=#{options[:path]}" if options[:path]
            if options[:expire_after]
              expiry = Time.now + options[:expire_after]
              cookie << "; expires=#{expiry.httpdate}"
            end
            cookie << "; secure" if options[:secure]
            cookie << "; HttpOnly" if options[:httponly]

            headers = response[1]
            unless headers[SET_COOKIE].blank?
              headers[SET_COOKIE] << "\n#{cookie}"
            else
              headers[SET_COOKIE] = cookie
            end
          end
        end

        response
      end