在spring mvc中删除url重写中的jsessionid [英] remove jsessionid in url rewrite in spring mvc
问题描述
我正在使用spring MVC并且在jsessionid中遇到问题,我发现如果在浏览器中没有启用cookie,那么jsessionid会被注入url中:
I am using spring MVC and having a problem in jsessionid, what I found is that jsessionid is injected in the url if cookies isn't enabled in the browser producing a url like that:
http:// localhost / categories; jsessionid = Bsls4aQFXA5RUDcmZKV5iw?cid = 13001
实际上浏览器没有问题,但是当Google抓取我的网站时,Google抓取工具似乎没有Cookie :),他们会以该表单和我的网站存储我网站的网址出现在搜索结果中的网址类似于包含jsessionid的网址。
Actually there is no problem with browsers but when Google crawl my site, and seems Google crawlers don't have cookies :), they store urls of my site in that form and my site appears in search results having URLs like that ones containing jsessionid.
实际上它运行没有任何问题,但我更喜欢在没有jsessionid的情况下将网址显示在Google搜索结果中。
Actually it's running without any problems, but I prefer to have URLs appear in Google search results clear without jsessionid.
任何帮助?
推荐答案
要点:根本就不要只要用户不登录或执行POST操作,就让您的应用创建会话。不要调用 request.getSession()或 request.getSession(true)。不要为未登录的用户创建或管理会话范围的bean。确保你正在使用的框架没有不必要地创建会话而你没有这样做。
To the point: simply don't let your app create sessions as long as users do not login or perform POST actions. Do not call request.getSession() or request.getSession(true). Do not create nor manage session scoped beans for non-logged-in users. Ensure that the frameworks which you're using do not unnecessarily create sessions without that you say it to do so.
如果这是真的不可能由于您的应用程序的设计方式或由于所使用的(MVC)框架的限制/错误,您最好的办法是将Googlebot请求重定向到没有JSESSIONID标识符的URL。您可以使用 Tuckey的URL重写过滤器(也就是说,Apache HTTPD的Java变体) -known mod_rewrite )。以下是配置示例页面。
If this is really impossible due to the way your application is designed or due to the limitations/bugs of the (MVC) frameworks used, then your best bet is to redirect Googlebot requests to URLs without JSESSIONID identifier. You can use Tuckey's URL rewrite filter for this (which is, say, the Java variant of Apache HTTPD's well-known mod_rewrite). Here's an extract of relevance from its configuration examples page.
为来自googlebot的请求隐藏jsessionid。
Hide jsessionid for requests from googlebot.
<outbound-rule>
<name>Strip URL Session ID's</name>
<note>
Strip ;jsession=XXX from urls passed through response.encodeURL().
The characters ? and # are the only things we can use to find out where the jsessionid ends.
The expression in 'from' below contains three capture groups, the last two being optional.
1, everything before ;jesessionid
2, everything after ;jesessionid=XXX starting with a ? (to get the query string) up to #
3, everything ;jesessionid=XXX and optionally ?XXX starting with a # (to get the target)
eg,
from index.jsp;jsessionid=sss?qqq to index.jsp?qqq
from index.jsp;jsessionid=sss?qqq#ttt to index.jsp?qqq#ttt
from index.jsp;jsessionid=asdasdasdsadsadasd#dfds - index.jsp#dfds
from u.jsp;jsessionid=wert.hg - u.jsp
from /;jsessionid=tyu - /
</note>
<condition name="user-agent">googlebot</condition>
<from>^(.*?)(?:\;jsessionid=[^\?#]*)?(\?[^#]*)?(#.*)?$</from>
<to>$1$2$3</to>
</outbound-rule>
这篇关于在spring mvc中删除url重写中的jsessionid的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
