Saul Q Yuan wrote:In IETF standards terms, the session identifier is a *path* parameter, not a *query* parameter. Such parameters can actually be added to any segment in the url ("http://foo.com/bar;baz=bop/ping;game=pong";), not just the last one. Just because it is not common doesn't mean it's broken :-).
Seems strange that a rule would be set that breaks IETF standards, doesn't it? Or am I seeing this totally wrong?handles-----Original Message----- From: Ruth, Brice [mailto:[EMAIL PROTECTED] Sent: Thursday, October 23, 2003 9:32 AM To: Struts Users Mailing List Subject: Re: how to disable (or work around) jsessionid in html:img sources
James Mitchell wrote:
A bit of history on this subject:
* From: Craig R. McClanahan * Subject: Re: Why would jsessionid not appear? * Date: Wed, 08 Aug 2001 12:09:26 -0700
The jsessionid path parameter will only be added if the servlet
container
does not know whether your client supports cookies. How Tomcat
forthis (probably typical of others):
* On the first response in a session, send the session id both ways (cookie and encoding).
* If the subsequent request comes back with a cookie, turn of URL rewriting for the remainder of this session.
* If the subsequent request comes back without a cookie, keep on rewriting.
Craig
So, with that having been said, all you have to do is tell all your users to hit refresh whenever they access your site.
That way, all external links and images will work.
If you find that unacceptable, you could:
Move the contents of index.jsp to index2.jsp, then:
Put a meta refresh tag as your initial page (index.jsp). <META HTTP-EQUIV="refresh" content="2;URL=http://www.yoursite.com/index2.jsp";>
or
Add some javascript that sends the user to index2.jsp. (similar to above)
or
Use <logic:redirect> or any number of ways in a scriptlet to redirect to index2.jsp
On the Struts-Atlanta web site (http://www.struts-atlanta.org), I take a slightly different approach. At the top of my index.jsp, I do this:
<logic:present parameter="refresh"> <bean:parameter id="refreshed" name="refresh"/> </logic:present>
<logic:notEqual name="refreshed" value="true"> <logic:redirect page="/index.jsp?refresh=true"/> </logic:notEqual>
What this does is refresh the page one time only. This method works
whichme because I am not posting or processing any forms with this page
would not work correctly if I had.
Hope that helps.
Thanks, James.
Ignoring for the moment how these workarounds smack of "hack", this
doesn't solve the problem of people visiting the site w/o cookies
enabled. What I don't understand is why the delimiter ';' is being
used,
instead of the traditional '?' - which Apache wouldn't have a problem
stripping off and serving up the proper file with ...
That seems to be a rule in the Servlet specification on URL rewriting for passing session info.
http://www.jcp.org/aboutJava/communityprocess/first/jsr053/servlet23_PFD .pdf
Saul
Craig McClanahan
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
