W3C home > Mailing lists > Public > www-jigsaw@w3.org > September to October 1998

Re: Problem passing parameter to servlet while handling a session

From: Benoit Mahe <Benoit.Mahe@sophia.inria.fr>
Date: Thu, 24 Sep 1998 17:57:06 +0200
Message-Id: <199809241557.RAA05068@ender.inria.fr>
To: Gildas Mazery <mazery@agence.cpu.fr>
cc: "'www-jigsaw@w3.org'" <www-jigsaw@w3.org>
Gildas Mazery writes:

> Hi,

...

> 
> So, I have modified JigsawHttpServletResponse.java in the package 
> org.w3c.jigsaw.servlet, replacing
> 
>     public String encodeUrl(String url) {
> 	if (! jrequest.isRequestedSessionIdFromCookie()) {
> 	    url = url +  "?" + jrequest.getCookieName()+"="+
> 		jrequest.getSession(true).getId();
> 	}
> 	return url;
>     }
> by
>     public String encodeUrl(String url) {
> 	if (! jrequest.isRequestedSessionIdFromCookie()) {
> 	    url = url + (    url.indexOf("?") != -1    ? "&" : "?")
>                  + jrequest.getCookieName()+"="+
> 		jrequest.getSession(true).getId();
> 	}
> 	return url;
>     }
> 
> I don't know if the change is revelant, however the change is minor 
> and then, the set of servlets a was testing (Duke's Bookstore of the
> java.sun's tutorial) seems finally to work fine with a web browser
> that refuse cookies. 

  Yes, your bug fix is welcome, thank you. I think this is the good way to 
  encode the URLs

> (In fact I also had to disable auto-load for the servletwrapper and 
> add the servlet's directory to the CLASSPATH, to allow a servlet to
> use an another one. This seems to be a bug in jigsaw's class_loader and  
> the workaround is found in the mailing list archive). 

 This is a well known problem that has been fixed, the next version of
 Jigsaw will have a well working autoreload feature. (The next release is 
 planned for the end of the month).

> 
> However, the code of the first servlet is suspect : encodeUrl is used before
> creating a session. I am not sure that's a normal thing. 
> I guess that's why the session is always handled by adding a parameter
> to the URL, even if the browser accept cookies.

 The first time the browser send a request to the servlet, the 
 servlet is unable to know if the browser accept cookies or not. So,
 at that time, encoreUrl must add a session Id in the URL. In the 
 following requests, the servlet will know if the browser accept 
 cookies or not and then encodeUrl will add the session Id in the URL 
 only if cookies are not accepted.

 Regards, Benoit.

 PS: thanks again for the bug fix.


- Benoît Mahé -------------------------------------------------------
                      World Wide Web Consortium (W3C)
                    Architecture domain - Jigsaw Team           

  http://www.w3.org/People/Mahe - bmahe@w3.org - +33.4.92.38.79.89 
---------------------------------------------------------------------
Received on Thursday, 24 September 1998 11:57:15 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 9 April 2012 12:13:28 GMT