tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Erik Price <>
Subject Re: INSECURE to rely on sendRedirect (??)
Date Fri, 24 Jan 2003 18:19:40 GMT

Mike Jackson wrote:

> So, in the end, I'm not clear on how filters work exactly (haven't needed to
> use them yet), but when you're using the header type redirect you need to
> make sure that you're not going to send back anything other than the
> redirect.  If you do send something most clients will work properly, but
> some won't.

Filters are like mini-servlets sort of, but they intercept a request for 
a resource and do something before passing the request along to the 
resource.  In my case, I wanted to call sendRedirect() from the filter, 
but it looks like that doesn't happen fast enough.  Using a return 
statement to terminate the doFilter() method call before it calls 
doFilterChain() seems to work though, as suggested by Tim Moore.

The nice thing about a Filter is you can have one Filter mapped to every 
resource in the site, I'm not sure how you could get that with a regular 


To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message