Over One Billion JSessionID’s Served!

Posted on by

The 2006 RandomCoder article, “JSESSIONID considered harmful” mentions that a Google search on URLs with “jsessionid” in them resulted in 76 million results. Now in 2010, there are over one billion pages with “jsessionid” in the URL!

Although I understand the motivation behind URL-based session-ids (support cookie-less users), it seems inconceivable that all billion of these pages actually need cross-page state, even for casual/anonymous visitors (including search engine robots). I wonder how much bandwidth, memory and processing power are wasted to create empty session objects and shuffling around useless JSessionIDs in URLs and cookies.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>