Re: [jetty-discuss] Re: response.encodeRedirectURL adds jsessionid to URLs

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Greg,

> Jetty will add teh ;jsessionid to the rewritten URL when there is no
> evidence that a cookie will be accepted.  ie there is no session
> cookie.

Hm, then there must be a bug in Jetty 5.1.5.  The reason I say that
I've seen this happen (jsessionid being added) to me when I use
Firefox, with cookies on and normally working.  But it doesn't happen
all the time, just once in a while, which probably means that there is
some rare case that the implementation logic hits once in a while and
adds jsessionid when it really doesn't need to.

> If the request has a session cookie (even for an old session), then
> there is no need to add the ;jsessionid to the URL.

Right.  So that's what I tried describing above - the session has a
cookie, yet jsessionid gets added.
I can add some debugging to my application and try to retrieve the
"JSESSIONID" cookie before calling encodeRedirectURL to make sure the
session cookie is there, but as I said - session/cookie works perfectly
fine with Firefox, so my guess is that Jetty has trouble getting the
session cookie, even when it is there.

> If you are happy to never work without cookies, then you do not need
> to call encodeRedirectURL.

Sounds like I shouldn't be calling encodeRedirectURL at all, actually,
as all I really want to do is encode the URL (e.g. spaces to %20)
before redirecting to it.  And, as I said, those are external URLs that
point to other web sites and pages, so they don't session cookie at
all.

Thanks!

Otis

> ogj...@ya... wrote:
> > Hello,
> > 
> > I've noticed that Jetty (4.2.17 as well as 5.1.15) can sometimes
> add
> > "jsessionid" to the URL when I call:
> > 
> >   response.encodeRedirectURL(URL-String-Goes-Here);
> > 
> > For example:
> > 
> >   String u = "http://www.echogent.com/index.htm"
> >   response.encodeRedirectURL(u);
> > 
> > Roughly 15% of the time this results in:
> > 
> >   http://www.echogent.com/index.htm;jsessionid=5ja3gmce8lk0t
> > 
> > 
> > Is this normal?
> > 
> > The reason I'm encoding URLs is so that I can redirect to them:
> > 
> >   response.sendRedirect(response.encodeRedirectURL(u));
> > 
> > This code runs in one of my servlets and the URLs that I redirect
> to
> > are _external_ URLs (external sites).
> > 
> > You can see that in action at http://simpy.com/ where, right after
> > tagging and saving a link, you are redirected to the saved link via
> the
> > above mechanism.  The problem is that in 15% of the cases the saved
> > link gets this "jsessionid" appended to it erroneously, which
> results
> > in a redirect to a non-existing link -- 404! :(
> > 
> > Should I be using URLEncoder.encode(...) instead?
> >
>
http://java.sun.com/j2se/1.5.0/docs/api/java/net/URLEncoder.html#encode(java.lang.String,%20java.lang.String)
> > 
> > Thanks,
> > Otis
> > 
> > .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
> > Simpy -- http://www.simpy.com/ -- Find it. Tag it. Share it.
> > 
> > 
> > -------------------------------------------------------
> > This SF.net email is sponsored by: Splunk Inc. Do you grep through
> log files
> > for problems?  Stop!  Download the new AJAX search engine that
> makes
> > searching your log files as easy as surfing the  web.  DOWNLOAD
> SPLUNK!
> > http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
> 
> 
> 
> -------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc. Do you grep through
> log files
> for problems?  Stop!  Download the new AJAX search engine that makes
> searching your log files as easy as surfing the  web.  DOWNLOAD
> SPLUNK!
> http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
> _______________________________________________
> jetty-discuss mailing list
> jet...@li...
> https://lists.sourceforge.net/lists/listinfo/jetty-discuss
> 