Mailing-List: contact users-help@cocoon.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@cocoon.apache.org
Message-ID: <3F4B136C.6020701@upaya.co.uk>
Date: Tue, 26 Aug 2003 08:59:40 +0100
From: Upayavira <uv@upaya.co.uk>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US;
 rv:1.4) Gecko/20030624
MIME-Version: 1.0
To: users@cocoon.apache.org
Subject: Re: URLs being encoded WITH cookies enabled
References: <Law10-F121vN3qljWwY0000d76c@hotmail.com>
In-Reply-To: <Law10-F121vN3qljWwY0000d76c@hotmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

Sonny,

Looking at the code of the EncodeURLTransformer, I can see that it only 
checks whether the URL has been rewritten already (i.e. whether it 
includes the session ID in the URL already). It does not check whether 
cookies are in use or not. It just uses the encodeURL() method of the 
servlet container. Therefore, this cookie checking must be a feature of 
the servlet container. I'd check whether you need to configure how your 
container (Tomcat? Jetty?) deals with URL rewriting.

Regards, Upayavira

Sonny Sukumar wrote:

>
> Good question, Joerg.  I was told by 1 or 2 other people on this list 
> that the EncodeURLTransformer won't rewrite the links with the session 
> ID if cookies are enabled.  Thus, they said, I could use 
> <map:transform type="encodeURL"/> at the end of all of my pipelines 
> with impunity.  It will work when it needs to work, and do nothing 
> when cookies are enabled.
>
> So I tried it, and now I notice links are being rewritten even with 
> cookies enabled, both for Mozilla Firebird and for IE (IE is the most 
> important for us by far).
>
> Anyhow, 2 other reasons I'd prefer URL/link rewriting not to occur 
> when cookies are enabled:
> 1.) It takes up precious time to parse a document and rewrite links.
> 2.) If someone closes the browser, the session is gone, whereas a 
> cookie still remains even after closing the browser and can be used to 
> re-establish the same session, provided the session is still valid on 
> the server.
>
> I might easily have some misunderstandings here, which is why I've 
> tried to explain my current understanding.  Please point out any 
> points on which I have erred.
>
> Sonny
>
>> From: Joerg Heinicke <jheinicke@virbus.de>
>>
>> I wonder why you don't abstain from cookies completely? If you use 
>> URL encoding for some users why not for all? We disregard cookies in 
>> our company completely because can potentially have switched them off.
>>
>> Joerg
>>
>> Sonny Sukumar wrote:
>>
>>>
>>> Hi guys,
>>>
>>> I sent the below message a few days ago but didn't hear from 
>>> anyone.  I'm not sure why the links are being rewritten, and I've 
>>> verified that it happens with IE as well (again, with cookies enabled).
>>>
>>>>
>>>> I'm using the EncodeURLTransformer in all of my pipelines just 
>>>> before serializing the output, but from what I read I thought it is 
>>>> only supposed to encode URLs if cookies are disabled in the browser.
>>>>
>>>> I've confirmed that cookies are enabled for my browser (Mozilla 
>>>> Firebird v0.6), but the URLs keep getting rewritten with a 
>>>> jsessionid parameter.
>>>>
>>>> What could be wrong?
>>>


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org