Home/ Questions/Q 8199445
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-07T06:10:11+00:00

I’m reading a book on Servlets to review and it states that it will

  • 0

I’m reading a book on Servlets to review and it states that it will automatically decide when to append the session ID. I have read conflicting statements across the web. To what extent will it append the session ID to URLs automatically when cookies are blocked, and will this include the use of sendRedirect(). I’m referring to the most recent version. I have checked The JAVA Docs at Oracle.com but I’m not sure if they have been updated recently enough.

Thanks 🙂

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    No , the container does not have intelligence to detect the links in you template text or string which you write to the output stream.

    For Ex, take this sample code:

    servletoutputStream.write("<form method=\"post\" action=\"/submit.jsp\");

    In the above code, you have to do HttpServletResponse.encodeURL("/submit.jsp") to have session id in the post action url.

    Similarly, the API Documentation for HttpServletResponse.encodeRedirectURL() says that

    java.lang.String encodeRedirectURL(java.lang.String url)

   Encodes the specified URL for use in the sendRedirect method or, if encoding 
     is not needed, returns the URL unchanged. The implementation of this method 
     includes the logic to determine whether the session ID needs to be encoded in 
     the URL.Because the rules for making this determination can differ from those 
     used to decide whether to encode a normal link, this method is separated from 
     the encodeURL method.

   All URLs sent to the HttpServletResponse.sendRedirect method should be run 
   through this method. Otherwise, URL rewriting cannot be used with browsers 
   which do not support cookies.

    References:

    • 0