diff --git a/index.js b/index.js
index 8db4eca3..4eecdf7a 100644
--- a/index.js
+++ b/index.js
@@ -192,6 +192,9 @@ function session(options) {
 
     // pathname mismatch
     var originalPath = parseUrl.original(req).pathname;
+    if(cookieOptions.baseUrlField){
+      cookieOptions.path = req.baseUrl;
+    };
     if (originalPath.indexOf(cookieOptions.path || '/') !== 0) return next();
 
     // ensure a secret is available or bail
diff --git a/test/session.js b/test/session.js
index 6711df98..f0fab9de 100644
--- a/test/session.js
+++ b/test/session.js
@@ -22,6 +22,38 @@ describe('session()', function(){
     assert.equal(typeof session.MemoryStore, 'function')
   })
 
+  it('should session only exists in the baseUrl', function(done) {
+    var ctrl_sess = session({
+      secret: 'keyboard cat',
+      cookie: {
+        httpOnly: true,
+        baseUrlField: true
+      }
+    });
+    var ctrl_corp = function(req, res, next) {
+      if (!req.session.corp) {
+        req.session.corp = req.params.corp;
+        res.send(req.session.corp);
+      } else if (req.session.corp !== req.params.corp) {
+        res.send('oh no, session is across.');
+      } else {
+        res.send(req.session.corp);
+      }
+    };
+
+    var app = express();
+    app.use('/:corp', ctrl_sess, ctrl_corp);
+
+    request(app)
+      .get('/github')
+      .expect(200, 'github', function(err, res) {
+        if (err) return done(err)
+        request(app)
+          .get('/google')
+          .expect(200, 'google', done);
+      });
+  })
+  
   it('should do nothing if req.session exists', function(done){
     function setup (req) {
       req.session = {}