diff --git a/application/config/session.php b/application/config/session.php
index be0e3e0d..02418705 100644
--- a/application/config/session.php
+++ b/application/config/session.php
@@ -16,7 +16,7 @@
 	|
 	*/
 
-	'driver' => '',
+	'driver' => 'file',
 
 	/*
 	|--------------------------------------------------------------------------
@@ -86,4 +86,19 @@
 
 	'https' => false,
 
+	/*
+	|--------------------------------------------------------------------------
+	| HTTP Only Session Cookie
+	|--------------------------------------------------------------------------
+	|
+	| Should the session cookie only be accessible over HTTP?
+	|
+	| Note: The intention of the "HTTP Only" option is to keep cookies from
+	|       being accessed by client-side scripting languages. However, this
+	|       setting should not be viewed as providing total XSS protection.
+	|
+	*/
+
+	'http_only' => false,
+
 );
\ No newline at end of file