You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2005/05/05 05:28:40 UTC

DO NOT REPLY [Bug 34749] New: - jsessionid dropped on trailing slash (/) redirect

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=34749>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=34749

           Summary: jsessionid dropped on trailing slash (/) redirect
           Product: Tomcat 5
           Version: 5.0.30
          Platform: Other
        OS/Version: other
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Connector:Coyote
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: jdb@getsu.com


When CoyoteAdapter forces a redirect from, e.g., /someDir to /someDir/ it omits
the jsessionid from the URL.  This prevents Filters from using the session after
the redirect.

To reproduce:
1. Turn off cookies by adding <DefaultContext cookies="false"/> to server.xml.
2. Start Tomcat and browse to the session example:
http://localhost:8080/servlets-examples/servlet/SessionExample
3. Click on the "URL encoded" link, e.g.:
http://localhost:8080/servlets-examples/servlet/SessionExample;jsessionid=B191701A64C8AA13956E21B3C6D801AA?dataname=foo&datavalue=bar
4. Edit the URL changing "servlet/SessionExample" to "images/" and press Enter:
http://localhost:8080/servlets-examples/images/;jsessionid=B191701A64C8AA13956E21B3C6D801AA?dataname=foo&datavalue=bar
5. Edit the URL deleting the "/" before the ";" and press Enter:
http://localhost:8080/servlets-examples/images;jsessionid=B191701A64C8AA13956E21B3C6D801AA?dataname=foo&datavalue=bar
6. Observe that the redirected URL is missing the jsessionid:
http://localhost:8080/servlets-examples/images/?dataname=foo&datavalue=bar

(This bug can also be reproduced without the query parameters.)

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org