Supressing URL rewriting for jesessionid from Lift

The Java Servlet Specification 3.0, section 7.1.3, defines a fallback mechanism for maintaining a session with clients with disabled/unsupported cookies by rewriting urls.
This mechanism however has a number of drawbacks listed here:
http://randomcoder.com/articles/jsessionid-considered-harmful

The above Link also contains an example of how to disable url rewriting using a servlet filter.
Switching url rewriting off in lift would be a nice feature for many Lift Users.
This could for example be achieved by adding the functionality described in the above link to the LiftFilter and
making it configurable in LiftRules, e.g. like this:
LiftRules.jsessionUrlRewriting = false

Leave a comment

on 2010-09-29 00:22 *

By dpp

Assigned to set to dpp

Status changed from New to Accepted

on 2010-09-29 00:22 *

By dpp

Milestone set to 2.2-M2

on 2010-12-01 23:32 *

By dpp

Milestone changed from 2.2-M2 to -none-

on 2010-12-06 00:35 *

By dpp

Status changed from Accepted to Fixed

/**

Should the JSESSIONID be encoded in the URL if cookies are
not supported

*/
@volatile var encodeJSessionIdInUrl_? = false

Drop the files anywhere in this page to upload them as attachments.

Add a Relation

Attachments

Related Tickets

Followers

Supressing URL rewriting for jesessionid from Lift

Related Tickets

Add people from your team or external to follow ticket activity

Followers will receive email updates about new ticket activity or emails sent to liftweb+658@tickets.assembla.com

Attachments

Related Tickets

Followers

Supressing URL rewriting for jesessionid from Lift

Granting access, please wait...

Related Tickets

Add people from your team or external to follow ticket activity

Followers will receive email updates about new ticket activity or emails sent to liftweb+658@tickets.assembla.com