tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ken Grigg <>
Subject RE: Help: Cross-session parameters leaking?
Date Thu, 04 May 2000 00:14:23 GMT
Fedor Karpelevitch wrote:
> First thing I would check: isn't 'url' variable static? Would be strange
> could create the problem you had if not syncronized.
> WBR, Fedor.

No, that's not it. 'url' is a local variable in a utility class method.
That method is passed the response, the session, and the userID. The JSP
gets the userID from the request as I showed before (getParameter).

I do invalidate the session before calling sendRedirect on the
response... could this cause a weird problem?


View raw message