After realizing session is a powerful tool and that there is a encodeURL(), I just come up with more questions ---
1. it seems "jsessionid" is normally stored in a cookie on the client side. so if a browser does NOT support cookie, then using encodeURL() is a must do. In other words, since we (the server side programmer) has no control over client side, we better ALWAYS use encodeURL(), does this make sense ?
2. instead of using encodeURL(), what if I simply do
String newURL = "/nextURL;jsessionid=" + session.getId();
RequestDispatcher rd = getServletContext().getRequestDispatcher(newURL);
3. if i use encodeURL, is following the right way to code ---
String newURL = res.encodeURL(oldURL);
RequestDispatcher rd = getServletContext().getRequestDispatcher(newURL);
rd.forward(req, res);
4. if I "forward()" to a
JSP instead of
servlet, do I still need to use "encodeURL" ?