CFLocation adds token when addToken is omitted and does not add as a query

Description

We received reports that some users where receiving a 404 under a very specific set of circumstances. In the end, the culprit was a `<CFLOCATION>` tag that was missing the `addToken` attribute. Only during these less than common circumstances `<CFLOCATION>` was appending the URL with `;JSESSION=`, not `?JSESSION=`. Further, the semicolon was encoded in the URL `www.somewebsite.com/somefile.cfm%3BJESSION=sometoken?URLquery=someURLparameter`.

To reproduce on Chrome on Mac:

  • Close any tabs that are associated with the offending website

  • DO NOT CLOSE Chrome

  • Click on the three dots in the upper right to open the dropdown

  • Select 'More Tools'

  • Select 'Clear Browser Data...'

  • In the new tab that opens there is a modal

  • Select to clear Cookies, Browsing History, and Cache

  • Click Clear Data

  • Now close the Chrome browser (shut down Chrome entirely)

  • Reopen Chrome

  • In any NEW tab navigate to the offending website's page

One note: for our configuration, if we navigated to the offending page and typed the URL without the `www.` the issue did not happen.

Environment

None

Status

Assignee

Unassigned

Reporter

David Hartman

Labels

None

Priority

New
Configure