Take the icon handler out of session management and make it freely accessible. This should solve the session limit problem that is described in #13083
Basically, each icon is requested via css from the web UI, since it's not going via AJAX there is no control over the timing of those requests. When leaving the UI open for a longer while the sessions will time out; once the user resumes actions the browser may decide to refresh the css and will rapidly issue a large number of requests in order to retrieve the icons. This will quickly exceed the session limit on the dSS, because each of those requests might spawn a new session (it will do so until the cookie from the dSS made it to the browser and into all subsequent calls).
implements #13083