https://bz.apache.org/bugzilla/show_bug.cgi?id=56917
--- Comment #9 from Mark Thomas <ma...@apache.org> --- The complexity is to ensure that the session ID only gets added if the redirect is to a location within the current web application. In nearly all cases it will get skipped anyway since the session will have been provided by a cookie. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
