Cookie Handling

Discussion in 'Java' started by Peter Horlock, Jul 11, 2008.

  1. Hi,
    <preface>
    I want to remove all sessionids from my website, to improve its
    ranking in google.

    In a first step, I tried using the JSTL <c:url> session mechanism. For
    the first request,
    it adds a session id GET parameter AND a cookie to the response. When
    the client sends back both, cookie and param, from then on the website
    will communicate through the cookie. However, either google does not
    support cookies, or it stored the link from the very first request,
    including the get parameter, anyway, most of my website's urls are now
    in the google index with the jsessionid parameter.

    Looking for alternatives, I read something from tuckey's urlrewrite
    component (which we are already using anyway):
    http://tuckey.org/urlrewrite/manual/3.0/guide.html

    (Search for "Hide jsessionid for requests from googlebot.").
    However, I suppose, this will not solve my problem, because the
    urlrewrite filter only works for incoming request, so the first
    request would not contain a jsessionid, the urlrewrite component would
    rewrite it, but when the server replies, it would attach the jsession
    id, I guess. When the third request reaches the urlrewrite filter,
    then it would truncate the jsession id, but then it would already be
    to late, I guess. Let me know if I am wrong here..

    Anyway, as a "third best approach" I thought I could only use cookies.
    The cookies are only used for tracking, so for the 2% not supporting
    cookies only the tracking would be disabled, and I am willing to
    sacrifice that for a better ranking in google.
    </preface>

    So I tried to add a cookie with a name and a max age (20 minutes).
    Even though there is hardly any documentation about cookies online, I
    figured out by myself that I also have to set a path, and I am not
    completly sure if I also have to set the domain, or not - if I set it
    just "something", the cookie got rejected from my firefox 3.0 browser,
    I guess for security reasons. Now for the first request, I want to set
    a cookie, a max age, and my tracking value. However, when my (Spring)
    Controller received the second request, I found the cookie, but the
    max age seems to have gone. I would like to reuse the very same cookie
    until it will get deleted because it timed out - only then do I want
    to create a new cookie - in order to properly reproduce the "session
    handling" behavior I had when I was using cookies. A colleague
    mentioned something that the max age would get deleted as soon as you
    retrieve a stored cookie from the browser. Is that so? If so, I guess
    I will have to additionally append the max age value to my tracking
    value. True?

    Here's the story put into a code snippet:
    Cookie cookie = new Cookie(cookieName, "");
    cookie.setMaxAge(COOKIE_MAX_AGE);
    //cookie.setDomain(domain); // setting this caused rejection
    of the cookie
    cookie.setPath("/");
    [...]
    Later, in a different part of the app, I am resetting the cookie value
    through its reference that I passed through to the other component:
    cookie.setValue(myValue);
    ---
    Now the second request should retrieve the old cookie I set:
    Cookie cookie = null;
    Cookie[] cookies = request.getCookies();
    if(cookies != null && cookies.length > 0){
    for (Cookie c : cookies) {
    String cName = c.getName();
    if (cookieName.equals(cName)) {
    cookie = c;
    break;
    }
    }
    }
    But when retrieving the cookie from the browser, cookie.getMaxAge
    always results in -1, no matter what I am doing...

    Any ideas how I could fix this?

    Thanks,

    Peter
     
    Peter Horlock, Jul 11, 2008
    #1
    1. Advertising

  2. Got a similar Problem here - I also would like to keep the "old" maximum
    age of the cookie.

    Anyone???
     
    Christian Ulrich, Jul 13, 2008
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Ben
    Replies:
    3
    Views:
    5,916
    Steven Cheng[MSFT]
    Jun 3, 2004
  2. Shapper

    Cookie and Session Cookie Questions.

    Shapper, Apr 27, 2005, in forum: ASP .Net
    Replies:
    1
    Views:
    597
  3. =?Utf-8?B?UGF1bA==?=

    Cookie Question (IP as domain and cookie file location)

    =?Utf-8?B?UGF1bA==?=, Jan 10, 2006, in forum: ASP .Net
    Replies:
    1
    Views:
    2,517
    Bruce Barker
    Jan 10, 2006
  4. ad
    Replies:
    2
    Views:
    7,639
    Kevin Spencer
    Jan 27, 2006
  5. =?Utf-8?B?TnVubw==?=

    Convert a PHP cookie to an ASP.NET cookie

    =?Utf-8?B?TnVubw==?=, Jan 31, 2006, in forum: ASP .Net
    Replies:
    1
    Views:
    456
    =?Utf-8?B?UGV0ZXIgQnJvbWJlcmcgW0MjIE1WUF0=?=
    Jan 31, 2006
Loading...

Share This Page