|
Q
|
After BrowserHawk4J finishes a test, I sometimes notice it has appended a jsessionid parameter with a value on the query string. Where does this come from and what is its purpose?
|
|
A
|
In Java environments, client sessions are identified by a "jsessionid",
a unique identifier that lets the server associate a series of client
requests as being from the same client. Normally the jsessionid is held
in a JSESSIONID cookie, but not all clients have cookies enabled.
Servlet engines work around this limitation by adding the jsessionid
into the URLs presented to the client so that each client click includes
in the request URL itself the jsessionid value. Servlets provide a
response.encodeURL() method that programmers are instructed to use when
outputting URLs. This method gives the servlet environment the
opportunity to add the jsessionid value to the URL when it deems it
necessary.
BrowserHawk as part of extended property checking has to issue a
redirect back to itself to retrieve the property values after the browser completes the testing. To ensure that
no session data is lost, BrowserHawk calls response.encodeURL() on the
URL it uses for the redirection. If the server decides it needs to add
a jsessionid, then the jsessionid is added so session information isn't
lost.
If you don't want the jsessionid to appear, you should avoid ever
initiating a session to be tracked. In JSPs you can use this directive
on the top of your pages:
<%@ page session="false" %>
In servlets you just avoid the request.getSession(true) call. In CFMX there is a similar way to disable sessions. In any event, if
there's no session to be lost, the server won't add the jsessionid as
part of the encodeURL().
Note: This articles applies only to the Java version of BrowserHawk (BH4J).
|
