diff --git a/README.md b/README.md index 82aed1e..18731c4 100644 --- a/README.md +++ b/README.md @@ -2,6 +2,9 @@ ## Overview +*IMPORTANT: This module poses a security risk if used on production servers.* +*It is a testing module not intended for production use.* + This module starts a testing session in a browser, in order to test a SilverStripe application in a clean state. Usually the session is started on a fresh database with only default records loaded. @@ -39,6 +42,8 @@ Commands: * `dev/testsession/end`: Removes the test state, and resets to the original database. * `dev/testsession/loadfixture?fixture=`: Loads a fixture into an existing test state. * `dev/testsession/clear`: Empties the test state. + * `dev/testsession/browsersessionstate`: Set or unset browser session state (different from test session state). + Use query parameters to define states. While you can use the interface to set the test session state, it can be useful to set them programmatically through query parameters diff --git a/code/TestSessionController.php b/code/TestSessionController.php index 9ee4bf4..b7f6d23 100644 --- a/code/TestSessionController.php +++ b/code/TestSessionController.php @@ -10,6 +10,7 @@ class TestSessionController extends Controller { 'set', 'end', 'clear', + 'browsersessionstate', 'StartForm', 'ProgressForm', ); 
@@ -87,6 +88,29 @@ class TestSessionController extends Controller {
 return $this->renderWith('TestSession_inprogress');
 }
+ /**
+ * Set $_SESSION state for the current browser session.
+ */
+ public function browsersessionstate($request) {
+ if(!$this->environment->isRunningTests()) {
+ throw new LogicException("No test session in progress.");
+ }
+
+ $newSessionStates = array_diff_key($request->getVars(), array('url' => true));
+ if(!$newSessionStates) {
+ throw new LogicException('No query parameters detected');
+ }
+
+ $sessionStates = (array)Session::get('_TestSessionController.BrowserSessionState');
+
+ foreach($newSessionStates as $k => $v) {
+ Session::set($k, $v);
+ }
+
+ // Track which state we're setting so we can unset later in end()
+ Session::set('_TestSessionController.BrowserSessionState', array_merge($sessionStates, $newSessionStates));
+ }
+
 public function StartForm() {
 $databaseTemplates = $this->getDatabaseTemplates();
 $fields = new FieldList(
@@ -231,6 +255,15 @@ class TestSessionController extends Controller {
 $this->environment->endTestSession();
+ // Clear out all PHP session states which have been set previously
+ if($sessionStates = Session::get('_TestSessionController.BrowserSessionState')) {
+ foreach($sessionStates as $k => $v) {
+ Session::clear($k);
+ }
+ Session::clear('_TestSessionController');
+ }
+
+
 return $this->renderWith('TestSession_end');
 }
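Review bot: In browsersessionstate(), the `foreach` hands every query parameter name straight to `Session::set($k, $v)`, so the caller decides which session keys are written, and the only guard visible in the hunk is `isRunningTests()`. That lets a request overwrite keys the framework or application relies on (authentication or permission state, or this controller's own `_TestSessionController` bookkeeping), and because the action is a plain GET it can be triggered cross-site while a test session is active. Any environment or permission check would have to live outside this hunk; it is worth confirming one exists and stating it in the docblock, together with a `@param` line for `$request`. At minimum, reject the reserved namespace inside the loop before the `Session::set` call, e.g. `if(strpos($k, '_TestSessionController') === 0) throw new LogicException('Reserved session key');`.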
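Review bot: The cleanup added to end() runs only after `$this->environment->endTestSession()` returns, so if that call throws, every key set through browsersessionstate stays in the browser's PHP session. The loop also deletes each tracked key with `Session::clear($k)` rather than restoring the value it held before the test, which matters when a tracked key overlaps with state the application set itself. Consider a comment such as `// Tracked keys are removed, not restored to their pre-test values` and, if endTestSession() does not depend on those keys (not visible here), moving the block above that call. end() starts outside the hunk.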