tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mikolaj Rydzewski <>
Subject Web spiders - disabling jsessionid
Date Fri, 01 Dec 2006 12:40:54 GMT

As you may know url rewriting feature is not a nice thing when spiders 
come to index your site -

There are a few solutions I'm thinking of:

    * configuration at Tomcat / web.xml level to disable/enable url
      rewriting (unfortunately Tomcat doesn't support it)
    * do not use <c:url, <html:link, and similiar tags - could be quite
      expensive when working with Strurs or other framework
    * extend classes for <c:url, <html:link and other tags not to make
      use of url rewriting - seems quite a good solution, but could be a
      problem with legacy applications
    * apply a filter in web.xml to remove ;jsessionid=XXX from the
      generated output - I'm afraid it'd be quite resource expensive
      (lots of string operations)
    * apply a filter in web.xml to inject custom HttpServletResponse
      implementation with empty encodeURL method - seems quite interesting
    * apply a similiar filter at the apache level (I assume one is uing
      apache as a fronted to tomcat) - I didn't benchmark it, but I
      suppose that a perl filter would be faster than similiar Java one

What are your opinions?

Mikolaj Rydzewski <>

View raw message