You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2004/03/16 14:00:00 UTC

DO NOT REPLY [Bug 27705] New: - HttpServletResponse.encodeURL does not work correctly with https

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=27705>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=27705

HttpServletResponse.encodeURL does not work correctly with https

           Summary: HttpServletResponse.encodeURL does not work correctly
                    with https
           Product: Tomcat 4
           Version: 4.1.27
          Platform: PC
        OS/Version: Windows NT/2K
            Status: NEW
          Severity: Normal
          Priority: Other
         Component: Servlet & JSP API
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: pyropunk@usa.net


Looks like encodeURL does not encode the url if the protocol, server or port is 
not the same as the page that is generated.
i.e. if the context is http://some.server.com/context/path/page
and the servlet tries to generate encoded urls to:
https://some.server.com/context/path/page
or
http://some.server.com:81/context/path/page
or
http://other.server.com/context/path/page
encodeURL does not add the session id.

I would like to hear an explanation for this bizzarre behaviour.

Should it not just determine whether cookies enabled and encode the URL if they 
are disabled?

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org