Subrahmanyam KNVSK wrote:
> Hi,
>
> encodeURL() encodes the strings in such a way that some unacceptable
> characters in the URL are "encoded" to form a new modified string that can
> be interperted by the server. So, you obviously can't use it with <form
> action=...>.
>
If you are talking about HttpServletResponse.encodeURL(), I'm afraid this is
not correct. This encodeURL() method is used to add the session ID to the URL
passed as an argument if cookies are not enabled. Therefore, you *must* use
encodeURL() on the <form action="....."> argument if you want session identity
to be maintained when there are no cookies. Of course, you should also call
encodeURL() to encode the arguments to your <a href="....."> links.
Technically, you should even do so for things like <img src="....."> -- you
may be serving static files today (which don't care about sessions), but in
the future your app might be modified to dynamically create the image content
with a servlet, and you will want that servlet to know what session it is a
part of.
In a similar manner, if you are going to call sendRedirect() to force a
redirection, you should pass the argument URL through
HttpServletResponse.encodeRedirectURL() first. The two encode functions do
pretty much the same thing, but the rules to be followed by the servlet engine
are slightly different for redirects than they are for regular URLs.
> Subrahmanyam KNVSK
Craig McClanahan
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
