Hello Mark, Chris and Terence. Thank you for your answers. After reading them and observing a few things I realized that my problem is not exactly the one I described at first.
Christopher Schultz-2 wrote > The Referer is going to be the URL that was showing in the web browser > when the user clicked on the Submit button. This is right. I hadn't noticed it but the URL which is showing is NOT https://host/webapp/example1.jsp. Instead, it is https://host/webapp/do_example. So, what I was describing as abnormal in my first post is actually normal. So the problem is coming from elsewhere... Before I tried to make the webapp work with HTTPS, I was always using calls like these: ---------------------------------------------------------------------- response.sendRedirect("example1.jsp"); ---------------------------------------------------------------------- Last week, I replaced all these calls with these new ones: ---------------------------------------------------------------------- requestDispatcher = getServletContext().getRequestDispatcher("/example1.jsp"); requestDispatcher.forward(request, response); ---------------------------------------------------------------------- (with the appropriate JSP of course). I made that change because "sendRedirect()" didn't "work" with HTTPS. I didn't mention this before because I thought it was solving this other problem. Instead, it provokes new ones. What I actually would like is the webapp to behave like before: showing JSP page names in the URLs bar instead of "URL patterns": in a given servlet, I generally have several "forward()" calls and hence several different ".jsp" pages to forward to depending on what happens inside the servlet. Having all of them replaced by something like "do_example" is kind of not what I had planned. It's definitely very problematic. So, hum, as I didn't asked it at the time: why can't I go on using "sendRedirect()" along with HTTPS? If I have to use "forward()", is there any way I could make it behave the way I described above? Is there another method I could use that would suit my needs? Best regards. P.S. For the problem I was posting at first, as I don't really need to rely on the "referer" request header, I can instead, set a session attribute in each JSP. In "example1.jsp" for instance: -------------------------------------------------------------------- <c:set var="sessAtt" value="example1.jsp" scope="session"></c:set> -------------------------------------------------------------------- When in the "doPost()" method of the servlet, I'll know which JSP form what submitted... -- View this message in context: http://tomcat.10.x6.nabble.com/From-HTTP-to-HTTPS-request-getHeader-referer-tp5024782p5024848.html Sent from the Tomcat - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
