Uploaded image for project: 'Undertow'
  1. Undertow
  2. UNDERTOW-396

HttpServletResponseImpl#encodeURL() doesn't work

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • 1.2.0.Beta10
    • 1.2.0.Beta8
    • Servlet
    • None

      I guess 2 problems here:

      1. When isRequestedSessionIdFromCookie() is invoked inside encodeURL(), it returns always true while no session cookies in a request.

      After application invokes HttpServletRequest#getSession(), SessionCookieConfig#setSessionId() creates a cookie and set it to HttpServerExchange instance. but it sets both of response and request of HttpServerExchange instance using setResponseCookie() and getRequestCookies().put(). I guess that getRequestCookies().put() is should NOT be invoked because isRequestedSessionIdFromCookie() uses getRequestCookies() to check where a cookie come from.

      2. SessionCookieConfigImpl#rewriteUrl() doesn't care fallback.

      It simply returns the original URL. it should do that check whether JSESSIONID is available in cookie then if not available append JSESSIONID to URL and return, when if "fallback" is available.

              sdouglas1@redhat.com Stuart Douglas (Inactive)
              xkylex Kohei Nozaki (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: