I have seen applications where /webappname is not redirected to /webappname/ but is served as is. IIRC, that happens when there is no welcome file.
If I understand correctly, this change will break them. Maybe make it conditional? For reference, discussion on users@ [1] http://markmail.org/message/wsmv4jecrwggpzaj 2011/5/9 <ma...@apache.org>: > Author: markt > Date: Mon May 9 12:45:55 2011 > New Revision: 1100992 > > URL: http://svn.apache.org/viewvc?rev=1100992&view=rev > Log: > Ensure session cookie paths end in / so that session cookies created for a > context with a path of /foo do not get returned with requests mapped to a > context with a path of > /foobar > > Modified: > > tomcat/trunk/java/org/apache/catalina/core/ApplicationSessionCookieConfig.java > tomcat/trunk/webapps/docs/changelog.xml > > Modified: > tomcat/trunk/java/org/apache/catalina/core/ApplicationSessionCookieConfig.java > URL: > http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/ApplicationSessionCookieConfig.java?rev=1100992&r1=1100991&r2=1100992&view=diff > ============================================================================== > --- > tomcat/trunk/java/org/apache/catalina/core/ApplicationSessionCookieConfig.java > (original) > +++ > tomcat/trunk/java/org/apache/catalina/core/ApplicationSessionCookieConfig.java > Mon May 9 12:45:55 2011 > @@ -158,8 +158,10 @@ public class ApplicationSessionCookieCon > } > // Handle special case of ROOT context where cookies require a path of > // '/' but the servlet spec uses an empty string > - if (contextPath.length() == 0) { > - contextPath = "/"; > + // Also ensure the cookies for a context with a path of /foo don't > get > + // sent for requests with a path of /foobar > + if (!contextPath.endsWith("/")) { > + contextPath = contextPath + "/"; > } > cookie.setPath(contextPath); > > > Modified: tomcat/trunk/webapps/docs/changelog.xml > URL: > http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1100992&r1=1100991&r2=1100992&view=diff > ============================================================================== > --- tomcat/trunk/webapps/docs/changelog.xml (original) > +++ tomcat/trunk/webapps/docs/changelog.xml Mon May 9 12:45:55 2011 > @@ -71,6 +71,12 @@ > ServletRequest#getServerPort() and ServletRequest#getLocalPort() when > Tomcat is behind a reverse proxy. (markt) > </add> > + <fix> > + Ensure session cookie paths end in <code>/</code> so that session > + cookies created for a context with a path of <code>/foo</code> do not > + get returned with requests mapped to a context with a path of > + <code>/foobar</code>. (markt) > + </fix> > </changelog> > </subsection> > </section> > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > > --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
