Community
Participate
Working Groups
Build Identifier: 8.0.4.v20111024 The org.eclipse.jetty.server.Response.sendRedirect() should not call encodeRedirectURL(). This is a violation of Servlet spec. that requires user of the Servlet API to call encodeRedirectURL explicitly before calling sendRedirect(). This becomes really annoying when you do something like this: response.sendRedirect("https://www.google.com/accounts/o8/ud") and it redirects to https://www.google.com/accounts/o8/ud;jsessionid=_the_url_is_broken_ Please remove the line containing "location=encodeRedirectURL(location);" from the sendRedirect method! Reproducible: Always Steps to Reproduce: In request with a cookie-less session call response.sendRedirect("https://www.google.com/accounts/o8/ud") or use any other URL...
I'm sure that previously somebody convinced me that sendRedirect should do the encode.... but I can't re-convince myself of that. so fixing for 7.6 and 8.1
Greg, I think it was this issue where we put the jsessionid encoding onto the sendRedirect: http://jira.codehaus.org/browse/JETTY-1146 It seems that the JSF framework is/was NOT calling encodeRedirectUrl before calling sendRedirect .... Jan
