You know, in light of the fact that it may be standard and to the spec, it's funny that most of the servlet containers that I use (Tomcat, Resin, Jetty) don't recognize their own rewritten urls.
To me, that's just unacceptable. Someone with some influence (Craig? Remy?) might want to address this. -- James Mitchell Software Engineer / Struts Evangelist http://www.struts-atlanta.org 678.910.8017 AIM:jmitchtx > -----Original Message----- > From: Kris Schneider [mailto:[EMAIL PROTECTED] > Sent: Thursday, October 23, 2003 12:01 PM > To: Struts Users Mailing List > Subject: Re: how to disable (or work around) jsessionid in > html:img sources > > > The HTTP/1.0 spec defines a URI as: > > ... > rel_path = [ path ] [ ";" params ] [ "?" query ] > ... > > The Servlet spec states: > > The session id must be encoded as a path parameter in the URL > string. The > name of the parameter must be jsessionid. > > Quoting "Ruth, Brice" <[EMAIL PROTECTED]>: > > > Saul Q Yuan wrote: > > > > >>-----Original Message----- > > >>From: Ruth, Brice [mailto:[EMAIL PROTECTED] > > >>Sent: Thursday, October 23, 2003 9:32 AM > > >>To: Struts Users Mailing List > > >>Subject: Re: how to disable (or work around) jsessionid > in html:img > > >>sources > > >> > > >>James Mitchell wrote: > > >> > > >> > > >> > > >>>A bit of history on this subject: > > >>> > > >>>* From: Craig R. McClanahan > > >>>* Subject: Re: Why would jsessionid not appear? > > >>>* Date: Wed, 08 Aug 2001 12:09:26 -0700 > > >>> > > >>>The jsessionid path parameter will only be added if the servlet > > >>>container > > >>>does not know whether your client supports cookies. How Tomcat > > >>> > > >>> > > >handles > > > > > > > > >>>this (probably typical of others): > > >>> > > >>>* On the first response in a session, send the session id > > >>> both ways (cookie and encoding). > > >>> > > >>>* If the subsequent request comes back with a cookie, turn > > >>> of URL rewriting for the remainder of this session. > > >>> > > >>>* If the subsequent request comes back without a cookie, > > >>> keep on rewriting. > > >>> > > >>>Craig > > >>> > > >>> > > >>> > > >>>So, with that having been said, all you have to do is > > >>>tell all your users to hit refresh whenever they access > > >>>your site. > > >>> > > >>>That way, all external links and images will work. > > >>> > > >>>If you find that unacceptable, you could: > > >>> > > >>>Move the contents of index.jsp to index2.jsp, then: > > >>> > > >>> Put a meta refresh tag as your initial page (index.jsp). > > >>> <META HTTP-EQUIV="refresh" > > >>> content="2;URL=http://www.yoursite.com/index2.jsp";> > > >>> > > >>> or > > >>> > > >>> Add some javascript that sends the user to index2.jsp. > > >>> (similar to above) > > >>> > > >>> or > > >>> > > >>> Use <logic:redirect> or any number of ways in a scriptlet > > >>> to redirect to index2.jsp > > >>> > > >>> > > >>>On the Struts-Atlanta web site (http://www.struts-atlanta.org), > > >>>I take a slightly different approach. > > >>>At the top of my index.jsp, I do this: > > >>> > > >>><logic:present parameter="refresh"> > > >>><bean:parameter id="refreshed" name="refresh"/> > > >>></logic:present> > > >>> > > >>><logic:notEqual name="refreshed" value="true"> > > >>><logic:redirect page="/index.jsp?refresh=true"/> > > >>></logic:notEqual> > > >>> > > >>> > > >>>What this does is refresh the page one time only. This > method works > > >>> > > >>> > > >for > > > > > > > > >>>me because I am not posting or processing any forms with > this page > > >>> > > >>> > > >which > > > > > > > > >>>would not work correctly if I had. > > >>> > > >>>Hope that helps. > > >>> > > >>> > > >>> > > >>> > > >>> > > >>Thanks, James. > > >> > > >>Ignoring for the moment how these workarounds smack of > "hack", this > > >>doesn't solve the problem of people visiting the site w/o cookies > > >>enabled. What I don't understand is why the delimiter ';' is being > > >> > > >> > > >used, > > > > > > > > >>instead of the traditional '?' - which Apache wouldn't > have a problem > > >>stripping off and serving up the proper file with ... > > >> > > >> > > > > > > > > >That seems to be a rule in the Servlet specification on > URL rewriting > > >for passing session info. > > > > > > >http://www.jcp.org/aboutJava/communityprocess/first/jsr053/se rvlet23_PFD > >.pdf > > > > > >Saul > > > > > > > > > Seems strange that a rule would be set that breaks IETF standards, > doesn't it? Or am I seeing this totally wrong? > > -- > Brice D. Ruth > Sr. IT Analyst > Fiskars Brands, Inc. -- Kris Schneider <mailto:[EMAIL PROTECTED]> D.O.Tech <http://www.dotech.com/> --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
