Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 33420 invoked from network); 4 Dec 2006 02:52:32 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 4 Dec 2006 02:52:32 -0000 Received: (qmail 59712 invoked by uid 500); 4 Dec 2006 02:52:26 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 59680 invoked by uid 500); 4 Dec 2006 02:52:26 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 59669 invoked by uid 99); 4 Dec 2006 02:52:26 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 03 Dec 2006 18:52:26 -0800 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_HELO_PASS,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (herse.apache.org: domain of lists@nabble.com designates 72.21.53.35 as permitted sender) Received: from [72.21.53.35] (HELO talk.nabble.com) (72.21.53.35) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 03 Dec 2006 18:52:14 -0800 Received: from [72.21.53.38] (helo=jubjub.nabble.com) by talk.nabble.com with esmtp (Exim 4.50) id 1Gr3vu-0002Ua-5b for users@tomcat.apache.org; Sun, 03 Dec 2006 18:51:54 -0800 Message-ID: <7670111.post@talk.nabble.com> Date: Sun, 3 Dec 2006 18:51:54 -0800 (PST) From: brycenesbitt To: users@tomcat.apache.org Subject: Re: Web spiders - disabling jsessionid In-Reply-To: <20061204013735.12490.qmail@web56413.mail.re3.yahoo.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Nabble-From: bryce1@obviously.com References: <457022D6.6040301@ceti.pl> <457070DF.6010801@christopherschultz.net> <497fac690612011102i331caee2x5a8cb7992982ebad@mail.gmail.com> <0883B67B5A2CFA4997D275DF955EDCF103422A@jetisremx01.jetisre.local> <45709A30.3020502@ceti.pl> <4570A38A.9060909@christopherschultz.net> <7660951.post@talk.nabble.com> <7661072.post@talk.nabble.com> <20061203173854.45051.qmail@web56402.mail.re3.yahoo.com> <497fac690612031710o6ba58d6dw20628366199d47fc@mail.gmail.com> <20061204013735.12490.qmail@web56413.mail.re3.yahoo.com> X-Virus-Checked: Checked by ClamAV on apache.org Rashmi Rubdi wrote: > > I don't know because this problem doesn't happen in my case, on 2 > different web applications. > > Bryce should really test his case by setting cookies="true" or remove the > cookies attribute and test his links with Xenu to see if he still gets > jsessionid with Xenu. > A quick google search will show this happens to many other people -- even if your webapps are magically immune. http://www.citycarshare.org/ is definitely affected. None of the three cookie options do it for me... not "true", not "false", and not leaving it at the default (which should be true). This appears to be something Tomcat just can't do. While it's a search robot bug (not parsing out the ";jessionid=", it's my problem. Next I'll try: http://randomcoder.com/articles/jsessionid-considered-harmful Adding a filter like: HttpServletResponseWrapper wrappedResponse = new HttpServletResponseWrapper(httpResponse) { public String encodeRedirectUrl(String url) { return url; } public String encodeRedirectURL(String url) { return url; } public String encodeUrl(String url) { return url; } public String encodeURL(String url) { return url; } }; -- View this message in context: http://www.nabble.com/Web-spiders---disabling-jsessionid-tf2737558.html#a7670111 Sent from the Tomcat - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org