DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=31232>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=31232 response.encodeURL() not encoding URL when mix of cookies and URL rewriting Summary: response.encodeURL() not encoding URL when mix of cookies and URL rewriting Product: Tomcat 5 Version: 5.0.28 Platform: All OS/Version: All Status: NEW Severity: Normal Priority: Other Component: Catalina AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] Setup: ~~~~~~ I have two contexts. The root context allows cookies and the sub context does URL rewriting. ie: <Context path="" docBase="sub" reloadable="true" privileged="false"/> <Context path="/sub" docBase="sub" cookies="false" reloadable="true" privileged="false"/> In the docBase is only an index.jsp which justs print out the session and cookie info and does encodeURL() for the link to the sub context. If I do: 1) goto http://localhost:8080/index.jsp (uses cookies) 2) goto http://localhost:8080/sub/index.jsp (uses URL rewrite) 3) click on the link which is response.encodeURL("/sub/index.jsp") Issue: ~~~~~~ I find that the root context's cookie is passed onto the sub context. Because of this the encodeURL() doesn't encode the URL for rewriting in the sub context. Each time I click on the response.encodeURL("/sub/index.jsp") link a new session id is generated each time. Example: ~~~~~~~~ Request URI = /sub/index.jsp Session ID = 80A6E1BEC167333A8E05E3588EA0C3A8 Is New = true Is Valid = false >From Cookie = true >From URL = false Cookie[0] (from /index.jsp) getComment() = null getDomain() = null getMaxAge() = -1 getName() = JSESSIONID getPath() = null getSecure() = false getValue() = F436A1045778EC9E794449A0192BD406 getVersion() = 0 ------------------------- Because request.isRequestedSessionIdFromCookie() returns true (since the root's cookie is passed to the sub context) the URL is not encoded with the sub context's session id. I've tried this on Windows & Linux, and with IE & Firefox...all produced the same results. I've attached example of this issue. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
