javadoc对于 javax.servlet.http.HttpServletResponse 规则 encodeURL 和 encodeRedirectURL 遵循的规则之间的区别有点模糊,有什么例子吗那些确切的规则是? encodeURL 的输出何时与 encodeRedirectURL 不同?
举一个具体的例子,我已经生成了一个重定向 url,我将与 response.sendRedirect(url) 一起使用。我得到的 url 已经编码,但我想向它添加一个参数,该参数的值是另一个 url:
param2=http://google.com
我使用这两个函数中的哪一个对此进行编码?
最佳答案
Salam Alekom Abduallah, 我四处寻找答案,我知道我会在 stackoverflow 或 coderanch 中找到它,然后我找到了 answer。我现在手里拿着这本书的作者查尔斯·莱昂斯 (Charles Lyons),这是一个愉快的巧合。
posted 8/9/2008 11:41 AM Exactly - the difference being that encodeURL always writes the session ID into the URL (if required e.g. because cookies are disabled), while encodeRedirectURL contains additional logic to determine if it is desirable to write the session ID in. It is a really bad idea to give foreign websites the session ID for example, since then they could impersonate your user's session. Hence encodeRedirectURL will only put the jsessionid on the URL if that URL lies within the current Web application, and not perform any rewriting otherwise.
Charles Lyons(SCJP 1.4,2003 年 4 月;SCJP 5,2006 年 12 月;SCWCD 1.4b,2004 年 4 月) OCEJWCD Study Companion for Oracle Exam 1Z0-899 的作者(ISBN 0955160340)
我也找到了这个answer也是之前发布的,
posted 4/19/2006 8:02 AM Quote Report post to moderator Hi,
The encodeURL is used to encode the url for session tracking in forward and include mechanism. The encodeRedirectURL encodes the specified URL for use in the sendRedirect method.
The main difference between two is, the implementation of encodeRedirectURL method includes the logic to determine whether the session ID needs to be encoded in the URL in the case when you are redirecting the URL to different context where the session information is not required or invalid. The encodeURL method do not appent the seesion id if the cookies are enabled. In addition to this encodeRedirectURL do not append the session information if the URL is redirected to the different context (web application). Because the rules for making this determination can differ from those used to decide whether to encode a normal link, this method is separete from the encodeURL method.
Hope this help you.
Thanks
Narendra Dhande
关于java - encodeURL 和 encodeRedirectURL 之间的区别,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/4673425/