Reputation: 173
How does the servlet know that the browser has disabled cookies?
I would be grateful if someone would explain how servlets can tell that cookies have been disabled on the client's browser.
I understand that while creating a session in a servlet: If cookies are enabled, the server will return the sessionID as a cookie. If cookies are disabled, the sessionID will be written into the URL.
What I don't understand is how the server can tell that cookies have been disabled. HTTP is a stateless protocol, there is no way (that I know of) the server can tell that the client has disabled cookies. I expect that the server would not receive cookies in the request header but that could mean that no cookies have been set in the first place.
I have checked these answers: Servlet HttpSession cookies disabled Manage Session when broswer has disable cookies
They both explain how to enable URL-rewriting but they do not explain how the server knows cookies have been disabled on the client.
Upvotes: 1
Views: 295
Answers (1)
Reputation: 691635
how servlets can tell that cookies have been disabled
They can't. When the session is first created, the server sends the session ID both as a cookie and with URL rewriting. On the second request, if it receives the session cookie, then it stops rewriting URLs.
Upvotes: 1
Related Questions
- When use sessions in Servlet?
- Getting cookie in servlet
- Session in Servlets
- Disabling Cookies stops Session as well?
- Cookie handling with Servlet
- Persistent cookies from a servlet in IE
- How can I set session cookies to be Http-Only in servlet API 2.5?
- Checking for Cookie status and restricting the user not to surf the web appkoication - How To?
- Java - Finding whether Cookies Disabled or not
- how can i do sessions in java if some one disables cookies in my browser?