DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=31642>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=31642 <bean:include> always include Session id (if any) even for external Urls (href attribute) Summary: <bean:include> always include Session id (if any) even for external Urls (href attribute) Product: Struts Version: 1.2.4 Platform: Sun OS/Version: All Status: NEW Severity: Critical Priority: Other Component: Custom Tags AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] <bean:include> tag always include JSESSIONID session id - if any - even for external urls specified via href attribute. Despite the specification of the 'href' attribute: "Absolute URL (including the appropriate protocol prefix such as "http:") of the resource to be included. Because this URL could be external to the current web application, the session identifier will NOT be included in the request." ----------------------- Reason: ======= This is due to a bug in the org.apache.struts.taglib.TagUtils class. for now before proceeding with url rewriting ther's a test (line 566) which reads: "if (pageContext.getSession() != null) {" Instead it should read: "if (( href == null ) && ( pageContext.getSession() != null )) {" --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
