Win a copy of Functional Reactive Programming this week in the Other Languages forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

question about cookies/url encoding

 
Maulin Vasavada
Ranch Hand
Posts: 1873
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hi all,
i'm having this question for sometime. i know we can track session using cookies (i guess thats the way most webserver work when we put anything in the session variable to track the session - Session Cookie i mean precisely) and there is this URL Encoding in option to that method where we embed the session tracking information in every URL we send to the client browser.
i am aware that URL Encoding is safest way when clients are shutting down the cookie access (disabling the cookies on their machine).
my puzzle is following,
"DO WE NEED TO WRITE A CODE THAT FIRST CHECKS IF THE COOKIES ARE ENABLED?" and THEN have the appropriate optional code for URL Encoding so that we can activate that code if the cookies are found disabled in the browser?
i would really guess that is the case because webserver can't do magic and switch b/w cookie based session tracking to URL Encoded based one.
though i have not seen a code that does have both these options and performs switching upon appropriate alternative is found.
well, the code that will help us to determine if the cookie is enabled or not is not at all difficult to write. we can just write a cookie and try to read it back. if we can't read the cookie back then the cookies are diabled and then we can switch our code to employ URL Encoding for session tracking...
please let me know whether my thinking is correct or i'm terribly messed up my mind regarding this
thank you.
maulin
 
Pat Wallwork
Ranch Hand
Posts: 72
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Maulin,
This is right from the API:

Encodes the specified URL by including the session ID in it, or, if encoding is not needed, returns the URL unchanged. The implementation of this method includes the logic to determine whether the session ID needs to be encoded in the URL. For example, if the browser supports cookies, or session tracking is turned off, URL encoding is unnecessary.
For robust session tracking, all URLs emitted by a servlet should be run through this method. Otherwise, URL rewriting cannot be used with browsers which do not support cookies.

So as long as you encode your links you don't have to worry about it :-)
-Pat
 
Maulin Vasavada
Ranch Hand
Posts: 1873
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hi pat
thanks for the pointer. i feel better
regards
maulin
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic