tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Léa Massiot <lmhe...@orange.fr>
Subject Re: From HTTP to HTTPS request.getHeader("referer")
Date Sun, 02 Nov 2014 15:07:40 GMT
Hello Mark, Chris and Terence.
Thank you for your answers.
After reading them and observing a few things I realized that my problem is
not exactly the one I described at first.


Christopher Schultz-2 wrote
> The Referer is going to be the URL that was showing in the web browser
> when the user clicked on the Submit button. 

This is right.
I hadn't noticed it but the URL which is showing is NOT
https://host/webapp/example1.jsp.
Instead, it is https://host/webapp/do_example.
So, what I was describing as abnormal in my first post is actually normal.

So the problem is coming from elsewhere...

Before I tried to make the webapp work with HTTPS, I was always using calls
like these:
----------------------------------------------------------------------
response.sendRedirect("example1.jsp");
----------------------------------------------------------------------

Last week, I replaced all these calls with these new ones:
----------------------------------------------------------------------
requestDispatcher =
getServletContext().getRequestDispatcher("/example1.jsp");
requestDispatcher.forward(request, response);
----------------------------------------------------------------------
(with the appropriate JSP of course).

I made that change because "sendRedirect()" didn't "work" with HTTPS.
I didn't mention this before because I thought it was solving this other
problem.
Instead, it provokes new ones.

What I actually would like is the webapp to behave like before: showing JSP
page names in the URLs bar instead of "URL patterns":
in a given servlet, I generally have several "forward()" calls and hence
several different ".jsp" pages to forward to depending on what happens
inside the servlet.
Having all of them replaced by something like "do_example" is kind of not
what I had planned.
It's definitely very problematic.

So, hum, as I didn't asked it at the time: why can't I go on using
"sendRedirect()" along with HTTPS?
If I have to use "forward()", is there any way I could make it behave the
way I described above?
Is there another method I could use that would suit my needs?

Best regards.

P.S.
For the problem I was posting at first,
as I don't really need to rely on the "referer" request header, 
I can instead, set a session attribute in each JSP.
In "example1.jsp" for instance:
--------------------------------------------------------------------
<c:set var="sessAtt"
       value="example1.jsp"
       scope="session"></c:set>
--------------------------------------------------------------------
When in the "doPost()" method of the servlet, I'll know which JSP form what
submitted...



--
View this message in context: http://tomcat.10.x6.nabble.com/From-HTTP-to-HTTPS-request-getHeader-referer-tp5024782p5024848.html
Sent from the Tomcat - User mailing list archive at Nabble.com.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message