> > Monitoring the HTTP headers for both IE and > Firefox using > > HttpAnalyzer for > > IE and LiveHttpHeaders for Firefox gives the > following: > > 1) IE > > > > (Request-Line):GET http://www.tophotelchoices.com/ > HTTP/1.1 > > Accept:*/* > > Accept-Language:en-gb > > Accept-Encoding:gzip, deflate > > User-Agent:Mozilla/4.0 (compatible; MSIE 6.0; > Windows NT 5.1; > > SV1; .NET CLR > > 1.1.4322; InfoPath.1) > > Host:www.tophotelchoices.com > > Proxy-Connection:Keep-Alive > > Pragma:no-cache > > Cookie:JSESSIONID=6F187E9E698F5D81A09DF6AD0D25115D > > > > (Status-Line):HTTP/1.0 200 OK > > Date:Thu, 16 Feb 2006 22:09:18 GMT > > Server:Apache/1.3.33 (Unix) mod_jk/1.2.15 > > Cache-Control:no-cache > > Pragma:no-cache > > Expires:Wed, 31 Dec 1969 23:59:59 GMT > > Content-Type:text/html;charset=UTF-8 > > X-Cache:MISS from proxy01.spidernet.net > > X-Cache-Lookup:MISS from proxy01.spidernet.net:83 > > Proxy-Connection:close > > > > 2) FIREFOX: > > GET http://www.tophotelchoices.com/index.jsp > HTTP/1.1 > > Host: www.tophotelchoices.com > > User-Agent: Mozilla/5.0 (Windows; U; Windows NT > 5.1; en-GB; rv:1.7.12) > > Gecko/20050919 Firefox/1.0.7 > > Accept: > > > text/xml,application/xml,application/xhtml+xml,text/html;q=0.9 > ,text/plain;q= > > 0.8,image/png,*/*;q=0.5 > > Accept-Language: en-gb,en;q=0.5 > > Accept-Encoding: gzip,deflate > > Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 > > Keep-Alive: 300 > > Proxy-Connection: keep-alive > > Referer: > http://www.tophotelchoices.com/timeout.jsp > > Cookie: > JSESSIONID=3849A82D2F9B6991FE41073D771D1358 > > Cache-Control: max-age=0 > > > > HTTP/1.x 200 OK > > Date: Thu, 16 Feb 2006 22:12:27 GMT > > Server: Apache/1.3.33 (Unix) mod_jk/1.2.15 > > Cache-Control: no-cache > > Pragma: no-cache > > Expires: Wed, 31 Dec 1969 23:59:59 GMT > > Content-Type: text/html;charset=UTF-8 > > X-Cache: MISS from proxy01.spidernet.net > > X-Cache-Lookup: MISS from proxy01.spidernet.net:83 > > Proxy-Connection: close > > > > Obviously, the response is the same in both cases, > however, > > for FireFox the > > important difference I see in Request is the one > saying Cache-control: > > max-age=0 and also, the Keep-Alive value 300. I do > not think > > the Keep-Alive > > value is the problem, however, the Cache-Control: > max-age=0 > > is suspicious. > > In my code I have > > response.setHeader("Cache-Control","no-cache") but > I think > > this is different. Does anyone have a clue what > the > > max-age:0 is doing? > > > > Your help will be greatly appreciated. > > > > > > Thanks and regards, > > Michael > > > > >-----Original Message----- > > >From: Filip Hanik - Dev Lists > [mailto:[EMAIL PROTECTED] > > >Sent: 15 February 2006 22:16 > > >To: Tomcat Users List > > >Subject: Re: Session Expires At Every Request > (Tomcat5.0.28/Firefox) > > > > > >George Sexton wrote: > > >> Does the code transparently create a new > JSessionID value then? > > > > > >George, > > >you might wanna rethink your comments, they don't > shine any > > >light on the issue and they for sure don't state > any facts, > > >let me prove you I am right. Below is the headers > I tracked > > >with LiveHttpHeaders, as you can see, JSESSIONID > remains > > >exactly the same in the browser request when the > switch from > > >HTTP to HTTPS happens. > > >This is Firefox on Fedora 4. The site works fine. > > > > > >This must be a browser issue, can you tell us a > little bit > > >more about what version and platform your browser > is on. > > > > > >1. Request to the home - non secure > > > >============================================================ > > >http://www.tophotelchoices.com/ > > >GET / HTTP/1.1 > > >Host: www.tophotelchoices.com > > >User-Agent: Mozilla/5.0 (X11; U; Linux i686; > en-US; rv:1.8.0.1) > > >Gecko/20060124 Firefox/1.5.0.1 > > >Accept: > > > >text/xml,application/xml,application/xhtml+xml,text/html;q=0.9, > > text/plain;q=0.8,image/png,*/*;q=0.5 > > >Accept-Language: en-us,en;q=0.5 > > >Accept-Encoding: gzip,deflate > > >Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 > > >Keep-Alive: 300 > > >Connection: keep-alive > > >Referer: http://www.tophotelchoices.com/ > > > > > >HTTP/1.x 200 OK > > >Date: Wed, 15 Feb 2006 20:08:55 GMT > > >Server: Apache/1.3.33 (Unix) mod_jk/1.2.15 > > >Set-Cookie: > JSESSIONID=735009FD40D725EDAA14389409CD60FF; Path=/ > > >Cache-Control: no-cache > > >Pragma: no-cache > > >Expires: Wed, 31 Dec 1969 23:59:59 GMT > > >Keep-Alive: timeout=5, max=20 > > >Connection: Keep-Alive > > >Transfer-Encoding: chunked > > >Content-Type: text/html;charset=UTF-8 > > > > > >2. Click on the request button - switch from HTTP > to HTTPS > > > >https://www.tophotelchoices.com/bookingServlet1?hotel=ASI > > >GET /bookingServlet1?hotel=ASI HTTP/1.1 > > >Host: www.tophotelchoices.com:443 > > >User-Agent: Mozilla/5.0 (X11; U; Linux i686; > en-US; rv:1.8.0.1) > > >Gecko/20060124 Firefox/1.5.0.1 > > >Accept: > > > >text/xml,application/xml,application/xhtml+xml,text/html;q=0.9, > > text/plain;q=0.8,image/png,*/*;q=0.5 > > >Accept-Language: en-us,en;q=0.5 > > >Accept-Encoding: gzip,deflate > > >Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 > > >Keep-Alive: 300 > > >Connection: keep-alive > > >Referer: > http://www.tophotelchoices.com/searchResults.jsp > > >Cookie: > JSESSIONID=735009FD40D725EDAA14389409CD60FF > > > > > >HTTP/1.x 200 OK > > >Date: Wed, 15 Feb 2006 20:11:54 GMT > > >Server: Apache/1.3.33 (Unix) mod_jk/1.2.15 > > >Cache-Control: no-cache > > >Pragma: no-cache > > >Expires: Wed, 31 Dec 1969 23:59:59 GMT > > >Keep-Alive: timeout=5, max=20 > > >Connection: Keep-Alive > > >Transfer-Encoding: chunked > > >Content-Type: text/html;charset=UTF-8 Maybe output your headers from the server side. See if something is going on with your particular firefox instance like some headers getting grouped by not delimiting correctly or something (maybe \n instead of \r\n)...see what cookies you get too....output everything you can think of from your request to the JSP. If you already have then disregard.
Wade --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
