On 1:59 PM, Christopher Schultz wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

All,

There was a change in 6.0.33 (and it has always been the case in
7.0.x?) that HttpServletRequest.getRequestURI now returns path
parameters as part of the URI. That notably includes the URL-encoded
jsessionid that Tomcat uses when the availability of cookies on the
client is set to be determined.

I have a Filter that checks to see if the user is accessing a
particular set of predefined pages and redirects them if they don't
hit any of them.

Needless to say, without any changes to my code, anyone who hits this
filter who either has cookies disabled or is in the middle of an
authentication ritual that redirects to the original page is going to
have a problem.

Is it safe to simply remove everything after the initial ";" if I'm
not interested in any path parameters? I don't want to just trim-off
that kind of thing blindly if there are any gotchas that I should be
aware of.

Can anyone think of a reason I can't just do that?

Thanks,
- -chris

Hi, Chris-

What about using HttpServletRequest.getServletPath()?

-Terence Bandoian


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to