TC 3.3: getRequestURI()

[Bojan Smojver <bo...@binarix.com>]

The latest TC 3.3 CVS with its mod_jk, gives an encoded URI, together
with the session ID on HttpServletRequest.getRequestURI().

Example:

/login/login.vm%3bjsessionid=q95pbsuof1

Previously, jsessionid wasn't there. The change was intentional, right?

Bojan

Re: TC 3.3: getRequestURI()

[Bill Barker <wb...@wilshire.com>]

Yes.
----- Original Message ----- 
From: "Keith Wannamaker" <Ke...@Wannamaker.org>
To: <to...@jakarta.apache.org>
Sent: Wednesday, September 26, 2001 10:57 AM
Subject: RE: TC 3.3: getRequestURI()


> Are you using mod_jk?
> 
> | -----Original Message-----
> | From: Bill Barker [mailto:wbarker@wilshire.com]
> | Sent: Wednesday, September 26, 2001 1:17 PM
> | To: tomcat-dev@jakarta.apache.org
> | Subject: Re: TC 3.3: getRequestURI()
> | 
> | 
> | I don't get this with RC1.  From tomcat-log with debugging enabled for
> 
> 


*----*

This message is intended only for the use of the person(s) listed above 
as the intended recipient(s), and may contain information that is 
PRIVILEGED and CONFIDENTIAL.  If you are not an intended recipient, 
you may not read, copy, or distribute this message or any attachment.  
If you received this communication in error, please notify us immediately 
by e-mail and then delete all copies of this message and any attachments.


In addition you should be aware that ordinary (unencrypted) e-mail sent 
through the Internet is not secure. Do not send confidential or sensitive 
information, such as social security numbers, account numbers, personal 
identification numbers and passwords, to us via ordinary (unencrypted) 
e-mail. 

RE: TC 3.3: getRequestURI()

[Keith Wannamaker <Ke...@Wannamaker.org>]

Are you using mod_jk?

| -----Original Message-----
| From: Bill Barker [mailto:wbarker@wilshire.com]
| Sent: Wednesday, September 26, 2001 1:17 PM
| To: tomcat-dev@jakarta.apache.org
| Subject: Re: TC 3.3: getRequestURI()
| 
| 
| I don't get this with RC1.  From tomcat-log with debugging enabled for

Re: TC 3.3: getRequestURI()

[Bill Barker <wb...@wilshire.com>]

I don't get this with RC1.  From tomcat-log with debugging enabled for
Sessions and Decode:
2001-09-26 11:04:29 - DecodeInterceptor: Before
/index.jsp%3bjsessionid=xx7xdv3ca1
2001-09-26 11:04:29 - DecodeInterceptor: After
/index.jsp;jsessionid=xx7xdv3ca1
2001-09-26 11:04:29 - SessionId: Url rewriting, found
org.apache.tomcat.core.ServerSession@7a8a02
2001-09-26 11:04:29 - ContextManager: Before Body xx7xdv3ca1

In other words, SessionId correctly removes the session identifier before it
can reach HttpServletRequest.getRequestURI()
----- Original Message -----
From: "Bojan Smojver" <bo...@binarix.com>
To: "Tomcat Dev List" <to...@jakarta.apache.org>
Sent: Wednesday, September 26, 2001 4:41 AM
Subject: TC 3.3: getRequestURI()


> The latest TC 3.3 CVS with its mod_jk, gives an encoded URI, together
> with the session ID on HttpServletRequest.getRequestURI().
>
> Example:
>
> /login/login.vm%3bjsessionid=q95pbsuof1
>
> Previously, jsessionid wasn't there. The change was intentional, right?
>
> Bojan
>
>


*----*

This message is intended only for the use of the person(s) listed above 
as the intended recipient(s), and may contain information that is 
PRIVILEGED and CONFIDENTIAL.  If you are not an intended recipient, 
you may not read, copy, or distribute this message or any attachment.  
If you received this communication in error, please notify us immediately 
by e-mail and then delete all copies of this message and any attachments.


In addition you should be aware that ordinary (unencrypted) e-mail sent 
through the Internet is not secure. Do not send confidential or sensitive 
information, such as social security numbers, account numbers, personal 
identification numbers and passwords, to us via ordinary (unencrypted) 
e-mail.