File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Servlets and the fly likes question about cookies/url encoding Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "question about cookies/url encoding" Watch "question about cookies/url encoding" New topic

question about cookies/url encoding

Maulin Vasavada
Ranch Hand

Joined: Nov 04, 2001
Posts: 1873
hi all,
i'm having this question for sometime. i know we can track session using cookies (i guess thats the way most webserver work when we put anything in the session variable to track the session - Session Cookie i mean precisely) and there is this URL Encoding in option to that method where we embed the session tracking information in every URL we send to the client browser.
i am aware that URL Encoding is safest way when clients are shutting down the cookie access (disabling the cookies on their machine).
my puzzle is following,
"DO WE NEED TO WRITE A CODE THAT FIRST CHECKS IF THE COOKIES ARE ENABLED?" and THEN have the appropriate optional code for URL Encoding so that we can activate that code if the cookies are found disabled in the browser?
i would really guess that is the case because webserver can't do magic and switch b/w cookie based session tracking to URL Encoded based one.
though i have not seen a code that does have both these options and performs switching upon appropriate alternative is found.
well, the code that will help us to determine if the cookie is enabled or not is not at all difficult to write. we can just write a cookie and try to read it back. if we can't read the cookie back then the cookies are diabled and then we can switch our code to employ URL Encoding for session tracking...
please let me know whether my thinking is correct or i'm terribly messed up my mind regarding this
thank you.
Pat Wallwork
Ranch Hand

Joined: Sep 23, 2001
Posts: 72
This is right from the API:

Encodes the specified URL by including the session ID in it, or, if encoding is not needed, returns the URL unchanged. The implementation of this method includes the logic to determine whether the session ID needs to be encoded in the URL. For example, if the browser supports cookies, or session tracking is turned off, URL encoding is unnecessary.
For robust session tracking, all URLs emitted by a servlet should be run through this method. Otherwise, URL rewriting cannot be used with browsers which do not support cookies.

So as long as you encode your links you don't have to worry about it :-)
Maulin Vasavada
Ranch Hand

Joined: Nov 04, 2001
Posts: 1873
hi pat
thanks for the pointer. i feel better
I agree. Here's the link:
subject: question about cookies/url encoding
It's not a secret anymore!