You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by ma...@tiger.com.pl on 2001/04/23 22:57:30 UTC

Problem with sessions via rewritten and unencoded URL

I need to refresh servlet generated pages via 
http-equiv="Refresh" i.e. (with URLRewring on):
...
<meta content="10; URL=x;jsessionid=2vnxuvlp71" http-equiv="Refresh">
...

Opera 5.02 redirects correctly while IE 5.5 redirects just to x.
When I use encoded URL i.e.:
...
<meta content="10; URL=x%3bjsessionid=2vnxuvlp71" http-equiv="Refresh">
...
Both browsers works as expected but Tomcat does not identify session id 
correctly. 

Following change in org.apache.tomcat.request.SessionInterceptor resolves the
problem:

line 117: 
String uri=request.getRequestURI();
-->
String uri=RequestUtil.URLDecode(request.getRequestURI());

This raises following issues:
 o Should getRequestedURI return decoded or undecoded URL's?
 o Shouldn't URLs be encoded while rewritten?
 o Is this a bug? Should be submitted?


Maciek Kaminski
maciejka@tiger.com.pl