Refactor client.py session cookie code. Remove session db access. The original code did a session_db.exists test followed by a session_db.getall. Refactor does a getall and if a KeyError is thrown, handles the error. Most likely the session key will be found so exception handling won't be triggered. Added test case to test the exception code path and minor rearrangement of setup code.

try:
    from html import escape as html_escape_  # python 3

    def html_escape(str, quote=False):
        # html_escape under python 3 sets quote to true by default
        # make it python 2 compatible
        return html_escape_(str, quote=quote)
except ImportError:
    # python 2 fallback
    from cgi import escape as html_escape  # noqa: F401