tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From nlif <naam...@plimus.com>
Subject Re: No URL rewriting when cookies are disabled
Date Sun, 08 Feb 2009 08:35:17 GMT

Yep, that was it exactly... I've been spoiled by frameworks :)
I did some experimentation myself, and dug a little in framework code, and
indeed, this has been taken care for me in the past, and I assumed it's done
by Tomcat (or any servlet container, for that matter), but it isn't.

Thanks,
Naaman



Christopher Schultz-2 wrote:
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> André,
> 
> André Warnier wrote:
>> Actually, I was just perusing a page in the Tomcat 6 docs :
>> http://tomcat.apache.org/tomcat-6.0-doc/config/context.html
>> 
>> and it actually says, for the "cookies" attribute :
>> Set to true if you want cookies to be used for session identifier
>> communication if supported by the client (this is the default). Set to
>> false if you want to disable the use of cookies for session identifier
>> communication, and rely only on URL rewriting *by the application*.
> 
> André has the answer right here (though without details).
> 
> In order to get your application to rewrite URLs, you need to pass every
> single outgoing URL through the HttpServletResponse.encodeURL method (or
> HttpServletResponse.encodeRedirectURL if you are using a redirect).
> 
> I've found that this is detail is often overlooked in web applications.
> Most JSP tag libraries and things like that do this transparently, so
> you may not have even been aware that it was a requirement.
> 
> Good luck reviewing all that code ;)
> 
> - -chris
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> 
> iEYEARECAAYFAkmLdjcACgkQ9CaO5/Lv0PD8cQCeKvrnDjZvNJTrXCcXuzOKUeSt
> +2YAoKYSCgXVEzLMhSFFk309g0OhO8kP
> =SKW6
> -----END PGP SIGNATURE-----
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 
> 
> 

-- 
View this message in context: http://www.nabble.com/No-URL-rewriting-when-cookies-are-disabled-tp21854081p21896827.html
Sent from the Tomcat - User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message