Return-Path: <tomcat-bugs@cortexity.com>
Mailing-List: contact tomcat-dev-help@jakarta.apache.org; run by ezmlm
Delivered-To: mailing list tomcat-dev@jakarta.apache.org
Received: (qmail 77143 invoked from network); 12 Sep 2000 00:43:54 -0000
Received: from msp-26-164-174.mn.rr.com (HELO localhost.localdomain)
 (24.26.164.174)
  by locus.apache.org with SMTP; 12 Sep 2000 00:43:54 -0000
Received: from fatman (IDENT:nobody@localhost [127.0.0.1])
	by localhost.localdomain (8.9.3/8.9.3) with SMTP id SAA11416
	for <tomcat-bugs@cortexity.com>; Mon, 11 Sep 2000 18:41:45 -0500
Message-ID: <134732893.968715705797.JavaMail.nobody@fatman>
Date: Mon, 11 Sep 2000 18:41:45 -0500 (CDT)
From: BugRat Mail System <tomcat-bugs@cortexity.com>
Reply-To: BugRat Mail System <tomcat-bugs@cortexity.com>
To: tomcat-bugs@cortexity.com
Subject: BugRat Report #102 has been filed.
Mime-Version: 1.0
Content-Type: multipart/mixed;
 boundary="134735845.968715705766.JavaMail.nobody@fatman"
X-Mailer: org.gjt.mail.EnhancedMimeMsg, <http://www.gjt.org/>
Organization: The Giant Java Tree, <http://www.gjt.org/>
X-Spam-Rating: locus.apache.org 1.6.2 0/1000/N

--134735845.968715705766.JavaMail.nobody@fatman
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

Bug report #102 has just been filed.

You can view the report at the following URL:

   <http://znutar.cortexity.com:8888/BugRatViewer/ShowReport/102>

REPORT #102 Details.

Project: Servlet API
Category: Bug Report
SubCategory: New Bug Report
Class: webbug
State: received
Priority: medium
Severity: serious
Confidence: public
Environment: 
   Release: Servlet API 1.2
   JVM Release: 1.3.3
   Operating System: Solaris
   OS Release: 8
   Platform: Sparc

Synopsis: 
sendRedirect clears HTTP headers

Description:
A call to HttpServletResponse.sendRedirect clears all HTTP headers before sending its redirect response.  This makes it difficult to do something like add a cookie, and then redirect the client.

i.e.
protected void doGet(HttpServletRequest request, HttpServletResponse response)
   {
   Cookie cookie = new Cookie("my", "cookie");
   response.addCookie(cookie);
   response.sendRedirect("to-subsystem");
   }

The sendRedirect call clears the addCookie from the response headers.

I can imagine that this might not actually be a bug.  In my thinking and experience, the above code is perfectly legal HTTP processing.  But perhaps there is a design consideration for doing it this way.  I understand that with the current Servlet implementation, it is possible to send a redirect after data has been written to the output stream.  I do believe though that this feature should not supercede the flexibility of the sendRedirect command.

--134735845.968715705766.JavaMail.nobody@fatman
Content-Type: text/html; name=Report-102.html
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename=Report-102.html
Content-Description: DataSource attachment 'Report-102.html'

<html>
<head>
<title>
BugRat Report #
102
</title>
</head>
<body>
<h2>
BugRat Report #
102
</h2>
<table width="100%" cellspacing="0"
       cellpadding="0">
<tr>
<td width="50%">
<strong>Project:</strong>
Servlet API
</td>
<td width="50%">
<strong>Release:</strong>
Servlet API 1.2
</td>
</tr>
<tr>
<td width="50%">
<strong>Category:</strong>
Bug Report
</td>
<td width="50%">
<strong>SubCategory:</strong>
New Bug Report
</td>
</tr>
<tr>
<td width="50%">
<strong>Class:</strong>
webbug
</td>
<td width="50%">
<strong>State:</strong>
received
</td>
</tr>
<tr>
<td width="50%">
<strong>Priority:</strong>
medium
</td>
<td width="50%">
<strong>Severity:</strong>
serious
</td>
</tr>
<tr>
<td width="50%">
<strong>Confidence:</strong>
public
<br>
</td>
</tr>
</table>
<p>
<strong>Submitter:</strong>
Chris Johnson (&nbsp;<a href="mailto:tenorviol@yahoo.com">tenorviol@yahoo.com</a>&nbsp;)
<br>
<strong>Date Submitted:</strong>
Sep 11 2000, 06:41:45 CDT
<br>
<strong>Responsible:</strong>
Z_Tomcat Alias (&nbsp;<a href="mailto:tomcat-bugs@cortexity.com">tomcat-bugs@cortexity.com</a>&nbsp;)
<p>
<DL>
<DT><strong>Synopsis:</strong>
<DD>
sendRedirect clears HTTP headers
</DL>
<DL>
<DT><strong> Environment:</strong> (jvm, os, osrel, platform)
<DD>
1.3.3, Solaris, 8, Sparc
</DL>
<p>
<DL>
<DT><strong>Additional Environment Description:</strong>
<DD>

</DL>
<p>
<DL>
<DT><strong>Report Description:</strong>
<DD>
A call to HttpServletResponse.sendRedirect clears all HTTP headers before sending its redirect response.  This makes it difficult to do something like add a cookie, and then redirect the client.

i.e.
protected void doGet(HttpServletRequest request, HttpServletResponse response)
   {
   Cookie cookie = new Cookie("my", "cookie");
   response.addCookie(cookie);
   response.sendRedirect("to-subsystem");
   }

The sendRedirect call clears the addCookie from the response headers.

I can imagine that this might not actually be a bug.  In my thinking and experience, the above code is perfectly legal HTTP processing.  But perhaps there is a design consideration for doing it this way.  I understand that with the current Servlet implementation, it is possible to send a redirect after data has been written to the output stream.  I do believe though that this feature should not supercede the flexibility of the sendRedirect command.
</DL>
<p>
<DL>
<DT><strong>Workaround:</strong>
<DD>
null
</DL>
<P><A HREF="http://znutar.cortexity.com:8888/BugRatViewer/ShowReport/102
">
<center>
View this report online...
</center>
</a>
</body>
</html>

--134735845.968715705766.JavaMail.nobody@fatman--