If a custom tag has an attribute that is expected to be a URL, it's reasonable to assume that the implementation should call "HttpServletResponse.encodeURL()" to do things like adding any existing session id.
However, it's apparent that it only makes sense to do this (AFAIK) if the protocol of the URL is "http" or "https". If the protocol is "javascript" or "mailto", then it clearly doesn't make sense to append the session id. I'm not sure what other protocols are likely to be seen in this situation, so I'm not sure which others would make sense, or not make sense. Is it reasonable for "HttpServletResponse.encodeURL()" to not care what the protocol is, and append the session id no matter what, so the code calling it has to first pre-parse the URL to get the protocol, and only call the method if the URL's protocol is in a certain set of protocols? -- =================================================================== David M. Karr ; Java/J2EE/XML/Unix/C++ [EMAIL PROTECTED] ___________________________________________________________________________ To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message "signoff SERVLET-INTEREST". Archives: http://archives.java.sun.com/archives/servlet-interest.html Resources: http://java.sun.com/products/servlet/external-resources.html LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
