0

As for the subject: Are USERLANGUAGE and JSESSIONID cookies implicitly part of HttpServletRequest? Even without declaring any httpsession?

protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {

         //   HttpSession session = req.getSession(true);
            Cookie[] cookies = req.getCookies();
            ServletOutputStream out = resp.getOutputStream();
            out.println("<html>");
            out.println("<head>");
            out.println("</head>");
            out.println("<body>");
            for (Cookie cookie : cookies) {
                 out.println(cookie.getName()+": "+ cookie.getValue());
            }
            out.println("</body>");
            out.println("</html>");
}

In the above code reported for example even though I do not declare any httpSession I get USERLANGUAGE and JSESSIONID as part of the Cookies array. Should not I have got null instead?

Rollerball
  • 12,618
  • 23
  • 92
  • 161
  • 4
    Once a cookie is set, it's sent with every subsequent request (to the same host and path). The browser can't know that you won't use the session in this particular request. It sends the cookie, that's all. USERLANGUAGE is not a "standard" Java EE cookie. Your application must have set it explicitely. – JB Nizet Mar 02 '14 at 11:56
  • @JBNizet I actually have not set neither of the 2 cookies.. maybe it's intelliJ that automatically does it? – Rollerball Mar 02 '14 at 12:05
  • @JBNizet regarding JSESSIONID you are right.. opened it with another browser and it did not show up. However still the USERLANGUAGE was present. – Rollerball Mar 02 '14 at 12:07
  • IntelliJ is the tool you use to edit, compile, and maybe deploy code to the web server. It is irrelevant. USERLANGUAGE could be set by a framework you're using, or another application running on the same host. – JB Nizet Mar 02 '14 at 12:32

0 Answers0