tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From brycenesbitt <>
Subject Re: Web spiders - disabling jsessionid
Date Mon, 04 Dec 2006 02:51:54 GMT

Rashmi Rubdi wrote:
> I don't know because this problem doesn't happen in my case, on 2
> different web applications.
> Bryce should really test his case by setting cookies="true" or remove the
> cookies attribute and test his links with Xenu to see if he still gets
> jsessionid with Xenu.
A quick google search will show this happens to many other people -- even if
your webapps are magically immune. is
definitely affected.

None of the three cookie options do it for me... not "true", not "false",
and not leaving it at the default (which should be true).  This appears to
be something Tomcat just can't do.   While it's a search robot bug (not
parsing out the ";jessionid=", it's my problem.

Next I'll try:
Adding a filter like:

HttpServletResponseWrapper wrappedResponse
    = new HttpServletResponseWrapper(httpResponse)
  public String encodeRedirectUrl(String url) { return url; }
  public String encodeRedirectURL(String url) { return url; }
  public String encodeUrl(String url) { return url; }
  public String encodeURL(String url) { return url; }
View this message in context:
Sent from the Tomcat - User mailing list archive at

To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message