DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=10418>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=10418 logic whether URL needs to be encoded in HttpServletResponse.encodeURL() broken [EMAIL PROTECTED] changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|Critical |Minor Status|NEW |RESOLVED Resolution| |WONTFIX Version|4.0.4 Final |4.1.6 ------- Additional Comments From [EMAIL PROTECTED] 2002-07-03 07:55 ------- I do not agree with this. If the client continues to submit the session id, then that means he's still using the same user-agent. So unless we're in the unlikely event that he disables cookies in the middle without ending his user agent session, nothing bad should happen. I'm -1 for this patch anyway, as hreq.isRequestedSessionIdValid() is an expensive methos call. -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
