Re: From HTTP to HTTPS request.getHeader("referer")

Tue, 04 Nov 2014 16:45:07 -0800 

On 11/4/2014 4:46 AM, Léa Massiot wrote:

Hi,


Terence M.  Bandoian wrote:
I'm not sure how you're using it but it's worth pointing out that
response.sendRedirect "Sends a temporary redirect response to the
client..."  The client (browser) must then send another request to the
server before any additional processing takes place.  In contrast,
pageContext.forward takes place entirely on the server.

I didn't know that.
I thought there was one HTTP(S) request and one HTTP(S) response only.
How can the mechanism you describe above affect the use of HTTPS for a
webapp with the "CONFIDENTIAL" security constraint on a standalone Tomcat
server?

I'm using "sendRedirect()" in a very straightforward way I think.
I use some sort of "pipelines" for a subset "S" of JSPs in the webapp:
1) Given a JSP "s" in "S", it contains a "form" with an "action" attribute
mapped via "web.xml" to a servlet L.
2) The servlet L  implements either a doPost() or (rarely) a doGet() method.
3) Given what was submitted via the form, "work" is performed in the
servlet.
4) When the servlet work is done and depending on the result (success 1,
..., success n / error 1, ..., error n), the servlet redirects towards the
next JSP using the method "sendRedirect()".
Is there "a temporary redirect response to the client" in that case?
Is this behavior documented somewhere? I could totally benefit from a good
documentation...

Best regards.



Hi, Léa-
You can find information about HttpServletResponse and PageContext in the Java Servlet and JavaServer Pages specifications which are available on the Oracle web site. JavaDocs are also available online. Be sure to reference the appropriate versions of the specs and JavaDocs for your application. Links to copies of the JavaDocs are available on the Tomcat documentation pages: 

    Tomcat 7 - https://tomcat.apache.org/tomcat-7.0-doc/index.html
    Tomcat 8 - https://tomcat.apache.org/tomcat-8.0-doc/index.html
The links are labeled "Servlet JavaDocs" and "JSP 2.x JavaDocs" in the Reference section on the left. 

-Terence Bandoian


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to