cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Berin Loritsch <blorit...@apache.org>
Subject Re: [c2.x] bug in sitemap redirector
Date Tue, 12 Jun 2001 20:58:20 GMT
giacomo wrote:
> 
> On Tue, 12 Jun 2001, Berin Loritsch wrote:
> 
> > Donald Ball wrote:
> > >
> > > On Tue, 12 Jun 2001, giacomo wrote:
> > >
> > > > > i've got this pipeline in my sitemap:
> > > > >
> > > > >    <map:match pattern="add/product">
> > > > >     <map:act type="add-uptgen-product">
> > > > >      <map:parameter name="tables-descriptor"
> > > > >        value="context:///WEB-INF/forms/product_tables.xml"/>
> > > > >      <map:redirect-to uri="/uptgen/product/{id}"/>
> > > > >     </map:act>
> > > > >     <map:redirect-to uri="/uptgen/xhtml/form"/>
> > > > >    </map:match>
> > > > >
> > > > > if i come in with this url:
> > > > >
> > > > > /uptgen/add/product?foo=bar
> > > > >
> > > > > if the action is successful, i am redirected to:
> > > > >
> > > > > /uptgen/product/ID?foo=bar
> > > > >
> > > > > (where ID is the value of the id in the map returned from the action)
> > > > >
> > > > > the original querystring has no business in the redirected url. is
this a
> > > > > side effect of the move to the Redirector class?
> > > >
> > > > Sorry, I don't understand the question. What business?
> > >
> > > i should be redirected to this URL:
> > >
> > > /uptgen/product/ID
> > >
> > > instead, i am redirected to this URL:
> > >
> > > /uptgen/product/ID?foo=bar
> > >
> > > the '?foo=bar' querystring does not belong there (== has no business
> > > there). for some reason, it looks like the Redirector class is appending
> > > the original querystring to the redirected url. note this is particularly
> > > bad if you try to redirect to a url with a querystring, as you'll end up
> > > with a malformed url. e.g.:
> > >
> > > /uptgen/product?id=ID?foo=bar
> >
> > Another issue is that if session=true, the jsession attribute is appended
> > as a query string.  This is not correct--the encodeRedirectURL executed on
> > the core HttpServletResponse object takes care of all the encoding issues
> > including the session string and the necessary attributes.
> 
> Actually the redirection is done in the HttpEnvironment class (the
> redirector class is using the Environment object and thus it cannot be
> introduced by it). The first simple redirect method was added in August
> last year to the HttpEnvironment class and had the query string
> appended. Yes, it might be done better. Is there the need to append the
> query string or not when issuing redirect?

Honestly, explicitly adding the request parameters should only be done under
the control of the programmer making the redirect call.  It should go through
the HttpServletResponse's encodeRedirectURL() method to handle cases where
session tracking handled by the servlet engine can't use cookies.  Explicitly
adding it is unnecessary, and polutes the URI space.  If a servlet engine
does not handle encodeRedirectURL() properly, it is in violation of the
Servlet spec.

---------------------------------------------------------------------
To unsubscribe, e-mail: cocoon-dev-unsubscribe@xml.apache.org
For additional commands, email: cocoon-dev-help@xml.apache.org


Mime
View raw message