diff --git a/session/sess_mem.go b/session/sess_mem.go
index dd61ef57..8d75d2c6 100644
--- a/session/sess_mem.go
+++ b/session/sess_mem.go
@@ -102,7 +102,8 @@ func (pder *MemProvider) SessionRead(sid string) (Store, error) {
 	pder.lock.RUnlock()
 	pder.lock.Lock()
 	newsess := &MemSessionStore{sid: sid, timeAccessed: time.Now(), value: make(map[interface{}]interface{})}
-	element := pder.list.PushBack(newsess)
+	// fix bug: new session should be pushed into the head of list(more fresh)
+	element := pder.list.PushFront(newsess)
 	pder.sessions[sid] = element
 	pder.lock.Unlock()
 	return newsess, nil
@@ -134,7 +135,8 @@ func (pder *MemProvider) SessionRegenerate(oldsid, sid string) (Store, error) {
 	pder.lock.RUnlock()
 	pder.lock.Lock()
 	newsess := &MemSessionStore{sid: sid, timeAccessed: time.Now(), value: make(map[interface{}]interface{})}
-	element := pder.list.PushBack(newsess)
+	// fix bug: new session should be pushed into the head of list(more fresh)
+	element := pder.list.PushFront(newsess)
 	pder.sessions[sid] = element
 	pder.lock.Unlock()
 	return newsess, nil
diff --git a/session/session.go b/session/session.go
index 39d475fc..4c422906 100644
--- a/session/session.go
+++ b/session/session.go
@@ -201,7 +201,9 @@ func (manager *Manager) SessionDestroy(w http.ResponseWriter, r *http.Request) {
 	if err != nil || cookie.Value == "" {
 		return
 	}
-	manager.provider.SessionDestroy(cookie.Value)
+	// fix bug: cookie.Value has been urlencoded, so should be decoded here
+	sid, _ := url.QueryUnescape(cookie.Value)
+	manager.provider.SessionDestroy(sid)
 	if manager.config.EnableSetCookie {
 		expiration := time.Now()
 		cookie = &http.Cookie{Name: manager.config.CookieName,