tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nicholas Ide <>
Subject encodeURL bug: doesn't work with virtual hosts or ports
Date Wed, 16 Jan 2002 17:36:46 GMT

Tomcat 4.0.1
Apache 1.3.2 (tried with mod_webapp and mod_jk)

encodeURL("http://foo:80/junk") does not encode the
sessionId even with cookies disabled, unless "foo" is
the ServerName and 80 is the Listen port.

In our environment, "foo" is a virtual hostname and "1234" 
is a virtual port.  We use a load balancing product from Resonate
to forward the "foo:80" request to "bar:9080".  So, the machine
which is running the servlet is actually "bar" and the effective
port on that machine is "9080".  When the servlet does an
encodeURL("relativepath") it correctly encodes the session id.
But, if the servlet does an encodeURL("http://foo/junk") it does
not encode the session id.

Apparently, encodeURL is trying to be too smart and is trying to 
distinguish between a URL that refers to the current servlet 
and a URL that goes outside.  Unfortunately, encodeURL apparently
doesn't have enough information to do this job correctly.  It would
be much better if encodeURL would ALWAYS encode the session id
(if cookies are off) rather than trying to second guess the caller.

getRequestURL also produces the wrong answer.
With mod_webapp, it uses the hostname from the ServerName rather 
than the VIP name.  With mod_jk, the hostname is correct, but it uses
the Listen port rather than the port specified by the user.

Questions:  (Or, whose bug is it?)

	Do you consider these to be mod_jk and mod_webapp bugs?
	Is it reasonable to expect that getRequestURL will yield
	EXACTLY the user request, rather than a "guess" based on
	the server configuration?
	Is it incorrect to use encodeURL with a fully specified URL?

Nick Ide

To unsubscribe:   <>
For additional commands: <>
Troubles with the list: <>

View raw message