tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rashmi Rubdi <dev_subscripti...@yahoo.com>
Subject Re: Web spiders - disabling jsessionid
Date Sat, 02 Dec 2006 01:28:47 GMT
----- Original Message ----
From: "Caldarale, Charles R" Chuck.Caldarale@unisys.com

>> From: Rashmi Rubdi [mailto:dev_subscriptions@yahoo.com] 
>> Subject: Re: Web spiders - disabling jsessionid
>> 
>> I think then, setting cookies to "true", or simply leaving 
>> out the cookies attribute should solve the original poster's 
>> problem with disabling JSESSIONID

>Except for the paranoid clients that disable cookies - then there's not
>much recourse other than rewriting the URL with the session id IF it's
>important to maintain session information.  
>- Chuck

Thanks for clarifying.

Another option is to have a dedicated page that says "Cookies Required" whenever cookies are
disabled in a browser similar to "Javascript Required" when Javascript is disabled. Many web
apps seem to have a Cookies Required page. 

If this is not a option for a web app then, I guess like a few people mentioned in this thread
a Filter to remove JSESSIONID should be implemented.

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message