In Tomcat, you only have to use the following HttpServletResponse method: public java.lang.String encodeURL(java.lang.String url) This will encode the URL with the jsessionid only if encoding is needed (ie, it doesn't support cookies, etc..). For sendRedirect(), use encodeRedirectURL(). Thnaks, Sudd
SCJP 1.4, SCWCD, SCBCD 1.3
Joined: Jan 29, 2003
Hi Ghosh, Thanks for ur reply. I have a question now, if we should always use encodeURL for every url and encodeRedirectURL() for sendRedirect() or we should check if cookies are disabled then only use thse methods. also is there any specific method in servlet API to check if cookies are enabled or not? Thanks Sanjiv
It's a good idea to always use the encoding methods for *every* URL that is emitted by both your servlets and JSPs. As the API says, they will not bother re-writing URLS if the browser supports cookies, so you have nothing to loose by using them all the time (and lots to gain).
As for checking if cookies are enabled, the only way to do this is to try to set a cookie and on the next request, see if you can retrieve the cookie.