Thanks Hassan.
> If you want 'clean' URLs you should get rid of the '.jsp' too, but ...
The bottom line is the value for 'id' needs to come from somewhere.
Your choices are:
1) Embed it in the URL for GET requests, either via query string or
as path info (e.g. /story/data/17 ) and handle the security aspect
(if any) yourself
Kiran : I think this is what I am presently doing.
>
> 2) Use a form to POST the request with the id included (a bit clunky,
> same security issue)
Form will not work as data is dynamic and form I feel will not serve the
purpose.
>
> 3) Save the 'id' in session and use that -- everyone sees the same URL
> e.g. /story/data but with unique data. Obviously, this doesn't work for
> a resource that's intended to be shared :-)
Yup I agree, session is ruled out.I just dont have that much patience to
figure the things out if I get some nasty behavior.I just dont have that
level of skill nor time.
The way I have done this is ok for me, it serves my purpose and also I
dont have the data which is kind of private.Its just that I was
exploring if we can hide the id.
HTH,
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
|