struts-issues mailing list archives

Site index · List index

Message view	« Date » · « Thread »
Top	« Date » · « Thread »
From	"Paul Benedict (JIRA)" <j...@apache.org>
Subject	[jira] Commented: (STR-1256) RequestUtils.computeURL should use the session associated with the request to control URL rewriting
Date	Tue, 03 Jul 2007 03:04:30 GMT
[ https://issues.apache.org/struts/browse/STR-1256?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_41331 ] Paul Benedict commented on STR-1256: ------------------------------------ Can someone re-state the problem? I am having a problem following the reason for this enhancement. > RequestUtils.computeURL should use the session associated with the request to control URL rewriting > --------------------------------------------------------------------------------------------------- > > Key: STR-1256 > URL: https://issues.apache.org/struts/browse/STR-1256 > Project: Struts 1 > Issue Type: Improvement > Components: Core > Affects Versions: Future > Environment: Operating System: All > Platform: All > Reporter: Kris Schneider > Assignee: Struts Developers > Priority: Minor > Fix For: Future > > > The RequestUtils.computeURL method uses the existence of a session associated > with the current page context to determine if URL rewriting should occur. Since > it's possible for pageContext.getSession() to return null when > ((HttpServletRequest)pageContext.getRequest()).getSession(false) returns a valid > session, it seems like the method could fail to rewrite when it should. The > situation can occur when a JSP page uses <%@ page session="false" %> but a valid > session actually exists. > I can't create a patch right now, bit I will later if it's not already > addressed. Here's the current state: > RequestUtils.computeURL / Revision: 1.90 / Line 550 > // Perform URL rewriting to include our session ID (if any) > if (pageContext.getSession() != null) { > HttpServletResponse response = > (HttpServletResponse) pageContext.getResponse(); > if (redirect) { > return (response.encodeRedirectURL(url.toString())); > } else { > return (response.encodeURL(url.toString())); > } > } else { > return (url.toString()); > } > Proposed change: > // Perform URL rewriting to include our session ID (if any) > if (request.getSession(false) != null) { > HttpServletResponse response = > (HttpServletResponse) pageContext.getResponse(); > if (redirect) { > return (response.encodeRedirectURL(url.toString())); > } else { > return (response.encodeURL(url.toString())); > } > } else { > return (url.toString()); > } -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
Mime	Unnamed text/plain (inline, 7-Bit, 2592 bytes)
	View raw message