Chris,
a) Yes, I plan to always require cookies, because of ...
b) It's the search engine issue: They are cookie-less, and one gets
(severely?) penalized by letting the jsessionid's slip out.
While I'm using UrlRewriteFilter to provide an abstraction to the site's
urls (and it works great), I didn't seem to be able
to use it to suppress all url rewriting. I use
http://validator.w3.org/checklink to check out how things are behaving.
So what I've done is use the filter described in
http://randomcoder.com/articles/jsessionid-considered-harmful . This
is short and sweet, and appears to do the job, and is the solution
recommended by the link you sent -- thanks for that.
What I haven't done yet is to check whether the browser is supporting
cookies, and if the answer is no, make sure that
we raise an alert in fromt of the user to the effect that the site won't
work right without cookies.
But all this leads to the obvious question (which I asked): If I'm not
going to allow jsessionid's to slip out, can I suppress
their creation totally?
Now, having said all that, I'm more than open to hearing alternative
ways of dealing the with problem, namely that search
engines penalize you for the presence of jesessionid's.
Cheers,
Ken
Christopher Schultz wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Ken,
Ken Bowen wrote:
Is there a way to tell Tomcat to never rewrite urls? I.e., to never add
jsessid ?
Do you want to completely disable sessions, or just always require cookies?
While the servlet specification does not require containers to provide
URL-rewriting, they are nearly useless without that capability.
This post from July 2004 includes a suggestion for a workaround when you
/really/ don't want url rewriting to ever occur:
http://mail-archives.apache.org/mod_mbox/tomcat-users/200407.mbox/[EMAIL
PROTECTED]
I'm not sure why you'd ever want to do this, though. I'd love to hear
your reason for doing it, though.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFHIhgg9CaO5/Lv0PARArw0AJ0Uzmwq/lLT1IWHxn/xADxiZLzpgACfUrep
qUM56Ih/0NPu9XWeK5LE1ws=
=s4JG
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
