There are three session variable names that SHOULD NOT be used. These are reserved for internal use by the core
Sessionclass. If one of these reserved names is used, the
Session::set() method will throw an invalid argument exception:
$_SESSION['HTTP_USER_AGENT'] session variables contain copies of the global
$_SERVER['HTTP_USER_AGENT'] server variables. The
$_SESSION['HTTPS'] is used to regenerate the session ID if the client connection switches from plain HTTP to HTTP Secure (HTTP/S) and back. The
$_SESSION['HTTP_USER_AGENT'] variable is used to notice any changes of the HTTP client or the client configuration.