aspose file tools*
The moose likes Servlets and the fly likes encodeURL necessary? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "encodeURL necessary?" Watch "encodeURL necessary?" New topic
Author

encodeURL necessary?

Ken Flor
Ranch Hand

Joined: Aug 01, 2006
Posts: 34
Hi,

just wonder, whenever i use encodeURL in my form action in a servlet page, the url of the return page will have the jsessionid, parameters etc.

However, I do not want to let people see the session id etc.

But i search net and was told that it was recommended to use encodeURL.

Please advise.

thanks.
Alex Sotin
Greenhorn

Joined: Dec 19, 2006
Posts: 21
Encodes the specified URL by including the session ID in it, or, if encoding is not needed, returns the URL unchanged. The implementation of this method includes the logic to determine whether the session ID needs to be encoded in the URL. For example, if the browser supports cookies, or session tracking is turned off, URL encoding is unnecessary.
For robust session tracking, all URLs emitted by a servlet should be run through this method. Otherwise, URL rewriting cannot be used with browsers which do not support cookies.

so it will solve your problem, please find a how to use in win java.com


<a href="http://www.planet-java.org" target="_blank" rel="nofollow">Java Planet</a> <br />-- <a href="http://www.java-index.org" target="_blank" rel="nofollow">Java Index</a>
Rahul Bhattacharjee
Ranch Hand

Joined: Nov 29, 2005
Posts: 2308
Originally posted by Ken Flor:
Hi,

just wonder, whenever i use encodeURL in my form action in a servlet page, the url of the return page will have the jsessionid, parameters etc.

However, I do not want to let people see the session id etc.

But i search net and was told that it was recommended to use encodeURL.

Please advise.

thanks.


Whenever you use encodeURL for tracking session , then you will always find the jsessionid appended to the URL's.Please note that this is an alternate way to track session ,if your clients are not cookie enabled.
If cookied are enabled then use HTTPSession to track session.That is easy ,untill your requirement is to do this using encodeURL.


Rahul Bhattacharjee
LinkedIn - Blog
 
Don't get me started about those stupid light bulbs.
 
subject: encodeURL necessary?