aspose file tools*
The moose likes Servlets and the fly likes more questions about session and encodeURL() Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of EJB 3 in Action this week in the EJB and other Java EE Technologies forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "more questions about session and encodeURL()" Watch "more questions about session and encodeURL()" New topic
Author

more questions about session and encodeURL()

Frank Sikuluzu
Ranch Hand

Joined: Dec 16, 2003
Posts: 116
After realizing session is a powerful tool and that there is a encodeURL(), I just come up with more questions ---

1. it seems "jsessionid" is normally stored in a cookie on the client side. so if a browser does NOT support cookie, then using encodeURL() is a must do. In other words, since we (the server side programmer) has no control over client side, we better ALWAYS use encodeURL(), does this make sense ?

2. instead of using encodeURL(), what if I simply do

String newURL = "/nextURL;jsessionid=" + session.getId();
RequestDispatcher rd = getServletContext().getRequestDispatcher(newURL);

3. if i use encodeURL, is following the right way to code ---

String newURL = res.encodeURL(oldURL);
RequestDispatcher rd = getServletContext().getRequestDispatcher(newURL);
rd.forward(req, res);

4. if I "forward()" to a JSP instead of servlet, do I still need to use "encodeURL" ?
Rusty Enisin
Ranch Hand

Joined: May 26, 2005
Posts: 107
1.
we better ALWAYS use encodeURL(), does this make sense ?

Yes

2.
instead of using encodeURL(), what if I simply do
String newURL = "/nextURL;jsessionid=" + session.getId();
RequestDispatcher rd = getServletContext().getRequestDispatcher(newURL);

Isn't it easier to simply use encodeURL()?

3.
String newURL = res.encodeURL(oldURL);
RequestDispatcher rd = getServletContext().getRequestDispatcher(newURL);
rd.forward(req, res);

This looks good. Here is an alternative:


4.
if I "forward()" to a JSP instead of servlet, do I still need to use "encodeURL" ?

No. When you forward you are sending the current request/response objects.


The squeaky wheel gets the grease. Well, that or replaced...
Frank Sikuluzu
Ranch Hand

Joined: Dec 16, 2003
Posts: 116
please bear with me for few more questions ---

1. why don't I need to do "encodeURL" if it is "forward(req, res)" to a JSP page ? is it because I use "forward" or because it is to a JSP or servlet ?
Since I need to use "req.getSession" to get the HttpSession I feel I still need to do encodeURL in this case. Please help me clarify.

2. What if I , for safety reason, just use "encodeURL" anyway when I do "forward()", does it cause any extra harm ?

3. if it is a JSP page and there is a FORM

<FORM ACTION="/servlet/MyServlet"..>

And there is a session involved in this JSP page and certainly I would like to carry the session after I clic "sumbit" button. How do I apply "encodeURL" in the ACTION tag ?
Rusty Enisin
Ranch Hand

Joined: May 26, 2005
Posts: 107
1. Because you use forward(request,response). The purpose in using encodeURL is in case cookies are not an option you have a fall back. The forward is communication between two servlets (or JSP, etc). The first servlet has already parsed the jsessionid and has it in the request object. When you use forward, you pass the request and response. So you are already passing all the info you need in the request object.

2. Go ahead. Knock yourself out. But I think you are burning extra processor cycles.

3. Same way. A JSP is a servlet. You have to put the code in the JSP though.

 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: more questions about session and encodeURL()
 
Similar Threads
servlets
how do i include servlet in jsp
Using RequestDispatcher, NullPointerException
encodeURL and cookie
doubt