DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=34420>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=34420 Summary: encodeURL adds jsessionid on first requests Product: Tomcat 5 Version: 5.5.9 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: Catalina AssignedTo: tomcat-dev@jakarta.apache.org ReportedBy: [EMAIL PROTECTED] HttpServletResponse.encodeURL(String url) is returning an encoded url (ie. adding the ";jsessionid=" + sessionId) during the generation of the response of the first request. The first request comes from a browser with no session cookie (normal). The isEncodeable() method called by encodeURL() returns true because only a test on HttpServletRequest.isRequestedSessionIdFromCookie() is made. This test is necessary but not sufficient. The method isRequestedSessionIdFromCookie() does not makes the difference between a request having no session cookies because the browser of the user refuses the cookies and a request having no session cookies because the session has just been created ! This is creating a lot of problems when the first request is cached or when search engines are indexing the webapp. Sample JSP page showing the problem: <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %> <c:url var="test" value="/test.jsp"/> <html> <head> <title>encodeURL test</title> </head> <body> <h1>encodeURL test</h1> <p> Link: <a href="${test}">click here</a> </p> </body> </html> -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]