Win a copy of Programmer's Guide to Java SE 8 Oracle Certified Associate (OCA) this week in the OCAJP forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Alway pass URLs that refer to our own site?

 
Mark Lau
Ranch Hand
Posts: 120
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Marty Hall says in his Core Servlets and Java Server Pages (page 207):
Plan ahead: pass URLs that refer to your own site through response.encodeURL or response.encodeRedirectURL, regardless of whether your servlet is using session tracking.
So do we always do this in any of our servlet reglardless of anything?
 
Bosun Bello
Ranch Hand
Posts: 1511
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes, that was his suggestion. Reason being that, you may not know if your servlet will be among other servlets that use session tracking.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic