larryi 01/03/07 13:29:45
Modified: src/facade22/org/apache/tomcat/facade
HttpServletResponseFacade.java
Log:
Port changes from tomcat_32 by Marc Saegesser
This fixes some additional problems uncovered by the fix for
Bugzilla 160.
The isEncodable() method used isRequestedSessionIdValid() to determine
if there was an active session.This is incorrect, because the requested
session id may have expired or been invalidated and a new session created.
isEncodeable() now encodes sessions that are new (i.e. we don't know yet
if the client will be sending cookies or not) or if, if the session
is not new (meaning the requested session id was a valid session) and
the requested session id did not come from a cookie.
Revision Changes Path
1.19 +19 -15
jakarta-tomcat/src/facade22/org/apache/tomcat/facade/HttpServletResponseFacade.java
Index: HttpServletResponseFacade.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat/src/facade22/org/apache/tomcat/facade/HttpServletResponseFacade.java,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -r1.18 -r1.19
--- HttpServletResponseFacade.java 2001/02/27 02:42:38 1.18
+++ HttpServletResponseFacade.java 2001/03/07 21:29:38 1.19
@@ -1,4 +1,8 @@
/*
+ * $Header:
/home/cvs/jakarta-tomcat/src/facade22/org/apache/tomcat/facade/HttpServletResponseFacade.java,v
1.19 2001/03/07 21:29:38 larryi Exp $
+ * $Revision: 1.19 $
+ * $Date: 2001/03/07 21:29:38 $
+ *
* ====================================================================
*
* The Apache Software License, Version 1.1
@@ -135,8 +139,7 @@
*/
public String encodeRedirectURL(String location) {
if (isEncodeable(toAbsolute(location)))
- return (toEncoded(location,
- response.getRequest().getRequestedSessionId()));
+ return (toEncoded(location, response.getRequest().getSession(false)));
else
return (location);
}
@@ -150,8 +153,7 @@
public String encodeURL(String url) {
if (isEncodeable(toAbsolute(url)))
- return (toEncoded(url,
- response.getRequest().getSessionId()));
+ return (toEncoded(url, response.getRequest().getSession(false)));
else
return (url);
}
@@ -330,15 +332,16 @@
if (location.startsWith("#"))
return (false);
- // Are we in a valid session that is not using cookies?
+ // Are we in a valid session that is not using cookies?
Request request = response.getRequest();
- HttpServletRequestFacade reqF=(HttpServletRequestFacade)request.
- getFacade();
-
- if (!reqF.isRequestedSessionIdValid() )
- return (false);
- if ( reqF.isRequestedSessionIdFromCookie() )
- return (false);
+ ServerSession session = request.getSession(false);
+ if(session == null || !session.isValid())
+ return false;
+ // If the session is new, encode the URL
+ if(!session.getTimeStamp().isNew() &&
+ ((HttpServletRequestFacade)request.getFacade()).
+ isRequestedSessionIdFromCookie())
+ return false;
// Is this a valid absolute URL?
URL url = null;
@@ -415,13 +418,14 @@
* suitably encoded.
*
* @param url URL to be encoded with the session id
- * @param sessionId Session id to be included in the encoded URL
+ * @param session Session whose id is to be included in the encoded URL
*/
- private String toEncoded(String url, String sessionId) {
+ private String toEncoded(String url, ServerSession session) {
- if ((url == null) || (sessionId == null))
+ if ((url == null) || (session == null))
return (url);
+ String sessionId = session.getId().toString();
String path = null;
String query = null;
int question = url.indexOf("?");
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
