tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew Stepanenko" <andrew.stepane...@gmail.com>
Subject Re: Web spiders - disabling jsessionid
Date Fri, 01 Dec 2006 12:56:51 GMT
Hello,

we use filter in web.xml as you said: StripSessionIdFilter. Works
fine. Not that much overhead.

Regards
Andrew Stepanenko,
Ternopil, Ukraine
http://unf.tane.edu.ua

On 12/1/06, Mikolaj Rydzewski <miki@ceti.pl> wrote:
> Hi,
>
> As you may know url rewriting feature is not a nice thing when spiders
> come to index your site -
> http://gabrito.com/post/javas-seo-blunder-jsessionid.
>
> There are a few solutions I'm thinking of:
>
>     * configuration at Tomcat / web.xml level to disable/enable url
>       rewriting (unfortunately Tomcat doesn't support it)
>     * do not use <c:url, <html:link, and similiar tags - could be quite
>       expensive when working with Strurs or other framework
>     * extend classes for <c:url, <html:link and other tags not to make
>       use of url rewriting - seems quite a good solution, but could be a
>       problem with legacy applications
>     * apply a filter in web.xml to remove ;jsessionid=XXX from the
>       generated output - I'm afraid it'd be quite resource expensive
>       (lots of string operations)
>     * apply a filter in web.xml to inject custom HttpServletResponse
>       implementation with empty encodeURL method - seems quite interesting
>     * apply a similiar filter at the apache level (I assume one is uing
>       apache as a fronted to tomcat) - I didn't benchmark it, but I
>       suppose that a perl filter would be faster than similiar Java one
>
> What are your opinions?
>
> --
> Mikolaj Rydzewski <miki@ceti.pl>
>
>
>
>

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message