struts-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Paul Benedict (JIRA)" <j...@apache.org>
Subject [jira] Commented: (STR-1256) RequestUtils.computeURL should use the session associated with the request to control URL rewriting
Date Tue, 03 Jul 2007 03:04:30 GMT

    [ https://issues.apache.org/struts/browse/STR-1256?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_41331
] 

Paul Benedict commented on STR-1256:
------------------------------------

Can someone re-state the problem? I am having a problem following the reason for this enhancement.

> RequestUtils.computeURL should use the session associated with the request to control
URL rewriting
> ---------------------------------------------------------------------------------------------------
>
>                 Key: STR-1256
>                 URL: https://issues.apache.org/struts/browse/STR-1256
>             Project: Struts 1
>          Issue Type: Improvement
>          Components: Core
>    Affects Versions: Future
>         Environment: Operating System: All
> Platform: All
>            Reporter: Kris Schneider
>            Assignee: Struts Developers
>            Priority: Minor
>             Fix For: Future
>
>
> The RequestUtils.computeURL method uses the existence of a session associated
> with the current page context to determine if URL rewriting should occur. Since
> it's possible for pageContext.getSession() to return null when
> ((HttpServletRequest)pageContext.getRequest()).getSession(false) returns a valid
> session, it seems like the method could fail to rewrite when it should. The
> situation can occur when a JSP page uses <%@ page session="false" %> but a valid
> session actually exists.
> I can't create a patch right now, bit I will later if it's not already
> addressed. Here's the current state:
> RequestUtils.computeURL / Revision: 1.90 / Line 550
> // Perform URL rewriting to include our session ID (if any)
> if (pageContext.getSession() != null) {
>   HttpServletResponse response =
>                                (HttpServletResponse) pageContext.getResponse();
>   if (redirect) {
>     return (response.encodeRedirectURL(url.toString()));
>   } else {
>     return (response.encodeURL(url.toString()));
>   }
> } else {
>   return (url.toString());
> }
> Proposed change:
> // Perform URL rewriting to include our session ID (if any)
> if (request.getSession(false) != null) {
>   HttpServletResponse response =
>                                (HttpServletResponse) pageContext.getResponse();
>   if (redirect) {
>     return (response.encodeRedirectURL(url.toString()));
>   } else {
>     return (response.encodeURL(url.toString()));
>   }
> } else {
>   return (url.toString());
> }

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message