Win a copy of Cross-Platform Desktop Applications: Using Node, Electron, and NW.js this week in the JavaScript forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Can an eavesdropper monitor response.sendRedirect()?  RSS feed

 
Angel J Gama
Ranch Hand
Posts: 36
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Does anyone knows if an eavesdropper can monitor a request when it's make in a servlet by tue use of response.sendRedirect()?
For example:



My guess is: he can't since the servlet is being executed from the server side, but... who knows, from time to time there are new methods to do bad and nasty things with private information.
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser Redhat VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
sendRedirect is not a purely server side operation (like RequestDispatcher.forward is).

sendRedirect works by returning a response to the client containing a 30x response code (which tells the client to look elsewhere for the page) along with a "Location" header containing the URL that should be used.

So, to answer your question, yes, if someone were watching the network traffic with a packet sniffer, they would be able to see the redirect.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!