I haven't tried Tomcat recently, but we have developed a whole web site with "Resin" using encodeURL, with cookies turned off.It works fine, and as advertised.
Ron -----Original Message----- From: Eddie Bush [mailto:[EMAIL PROTECTED]] Sent: Thursday, July 11, 2002 12:29 AM To: Tomcat Users List Subject: Re: getRequestURI() I don't believe that's what I said at all =) What I was was that to the best of my recollection that's how it is supposed to act. Isn't encodeURL what you're supposed to be able to depend on when cookies are disabled? If it doesn't list the parameters/cookies in the url ... then what is it for? =) Ok - here I go digging through the docs *cringe*. Now ... you tell ME what the correct interpretation is: encodeURL public java.lang.String *encodeURL*(java.lang.String url) Encodes the specified URL by including the session ID in it, or, if encoding is not needed, returns the URL unchanged. The implementation of this method includes the logic to determine whether the session ID needs to be encoded in the URL. For example, if the browser supports cookies, or session tracking is turned off, URL encoding is unnecessary. For robust session tracking, all URLs emitted by a servlet should be run through this method. Otherwise, URL rewriting cannot be used with browsers which do not support cookies. *Parameters:* |url| - the url to be encoded.*Returns:* the encoded URL if encoding is needed; the unchanged URL otherwise. That's off of Sun's JDK docs for J2EE 1.3. I think it danged well better have the session in it if cookies are off! I don't know why I was thinking attributes would be there ... the sessionid is really the only piece you need to track things you are persisting. Alex Kachanov wrote: >Wll Tomcat 4.0.x reference implementation returns: > >/index.jsp > >Then, that means all AS are wrong and just one Jrun is right? > >with best wishes >Alexander Kachanov > >-----Original Message----- >From: Eddie Bush [mailto:[EMAIL PROTECTED]] >Sent: 11 y| 2002 s. 11:59 >To: Tomcat Users List >Subject: Re: getRequestURI() > > >I'd say the first one, but I'm not authoritative. To the best of my >recollection, however, that is precisely what encodeURL is there for. > Hopefully someone else will have something additional to add. I >_really_ think it should be the first (including the sessionid - and >other cookies/params too?). > >Regards, > >Eddie > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>