Session relies on cookies if the browser disables cookies? __javaweb

We all know that session relies on cookies because the server needs to get SessionID in each request and then locate the client's session object if the browser disables cookies.

This time, you need to use the URL rewrite , this method so that the server received every request with Sessioinid.

The specific method of URL rewriting is to add a parameter named Jsessionid to each link and form in each page, and the value is the current SessionID. When the user clicks on the link or submits the form the server can obtain the Jsessionid this parameter to obtain the client SessionID, finds the Sessoin object, takes a look at the concrete example:

Method One :

------------links------------

<a href= '/jsp/index.jsp;jsessionid=<%=session.getid ()%> ' > Home </a>

------------form------------

<form action= '/jsp/index.jsp;jsessionid=<%=session.getid ()%> ' method= ' post ' >
	<input type= ' Submit "value="/>
</form>

method Two (using Response.encodeurl () to handle the URL for each request, this method automatically appends the Jsessionid parameter to the same effect as we manually added above. ）：

------------links------------

<a href= ' <%=response.encodeurl ("/jsp/index.jsp")%> ' > Home </a>

------------form------------

<form action= ' <%=response.encodeurl ("/jsp/index.jsp")%> ' method= "post" >
	<input type= "Submit" Value= "Submit"/>
</form>

Using Response.encodeurl () is more "smart", it will determine whether the client browser has disabled cookies, and if disabled, this method appends jsessionid to the URL, otherwise it is not appended.

Therefore, it is recommended that you use method two.