marcsaeg 01/03/06 09:38:17
Modified: src/share/org/apache/tomcat/facade Tag: tomcat_32
HttpServletResponseFacade.java
Log:
This fixes some additional problems uncovered by the fix for
Bugzilla 160.
The isEncodable() method used isRequestedSessionIdValid() to determine
if there was an active session. This is incorrect, because the requested
session id may have expired or been invalidated and a new session created.
isEncodeable() now encodes sessions that are new (i.e. we don't know yet
if the client will be sending cookies or not) or if, if the session
is not new (meaning the requested session id was a valid session) and
the requested session id did not come from a cookie.
Revision Changes Path
No revision
No revision
1.6.2.3 +19 -17
jakarta-tomcat/src/share/org/apache/tomcat/facade/Attic/HttpServletResponseFacade.java
Index: HttpServletResponseFacade.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/facade/Attic/HttpServletResponseFacade.java,v
retrieving revision 1.6.2.2
retrieving revision 1.6.2.3
diff -u -r1.6.2.2 -r1.6.2.3
--- HttpServletResponseFacade.java 2000/11/20 23:59:43 1.6.2.2
+++ HttpServletResponseFacade.java 2001/03/06 17:38:13 1.6.2.3
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/facade/Attic/HttpServletResponseFacade.java,v
1.6.2.2 2000/11/20 23:59:43 craigmcc Exp $
- * $Revision: 1.6.2.2 $
- * $Date: 2000/11/20 23:59:43 $
+ * $Header:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/facade/Attic/HttpServletResponseFacade.java,v
1.6.2.3 2001/03/06 17:38:13 marcsaeg Exp $
+ * $Revision: 1.6.2.3 $
+ * $Date: 2001/03/06 17:38:13 $
*
* ====================================================================
*
@@ -120,8 +120,7 @@
*/
public String encodeRedirectURL(String location) {
if (isEncodeable(toAbsolute(location)))
- return (toEncoded(location,
- response.getRequest().getRequestedSessionId()));
+ return (toEncoded(location, response.getRequest().getSession(false)));
else
return (location);
}
@@ -135,11 +134,10 @@
public String encodeURL(String url) {
if (isEncodeable(toAbsolute(url)))
- return (toEncoded(url,
- response.getRequest().getRequestedSessionId()));
+ return (toEncoded(url, response.getRequest().getSession(false)));
else
- return (url);
- }
+ return (url);
+ }
/**
* @deprecated
@@ -333,12 +331,14 @@
if (location.startsWith("#"))
return (false);
- // Are we in a valid session that is not using cookies?
- Request request = response.getRequest();
- if (!request.getFacade().isRequestedSessionIdValid() )
- return (false);
- if ( request.getFacade().isRequestedSessionIdFromCookie() )
- return (false);
+ // Are we in a valid session that is not using cookies?
+ Request request = response.getRequest();
+ HttpSession session = request.getSession(false);
+ if(session == null)
+ return false;
+ // If the session is new, encode the URL
+ if(!session.isNew() &&
request.getFacade().isRequestedSessionIdFromCookie())
+ return false;
// Is this a valid absolute URL?
URL url = null;
@@ -412,11 +412,12 @@
* @param url URL to be encoded with the session id
* @param sessionId Session id to be included in the encoded URL
*/
- private String toEncoded(String url, String sessionId) {
+ private String toEncoded(String url, HttpSession session) {
- if ((url == null) || (sessionId == null))
+ if ((url == null) || (session == null))
return (url);
+ String sessionId = session.getId();
String path = null;
String query = null;
int question = url.indexOf("?");
@@ -431,6 +432,7 @@
sb.append(sessionId);
if (query != null)
sb.append(query);
+
return (sb.toString());
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
