JSF / Facelets Session Leak

Here is a bug that is fixed in JSF 2.1.0, but not the 2.0.x series. Bad Facelets code forces session creation for every request. One workaround is to remove the facelets.Encoding attribute from the FacesContext before rendering using a custom ViewHandler:

    /**
     * The default FaceletViewHandler uses session attributes the track
     * the response encoding to use. We can avoid session creation by 
     * removing the facelets.Encoding attribute from the FacesContext.
     */
    @Override
    public void renderView(FacesContext faces, UIViewRoot root)
            throws IOException {
        faces.getAttributes().remove("facelets.Encoding");
        super.renderView(faces, root);
    }

The problem with this is that the template encoding then defaults to ISO-8859-1 while most of will be using UTF-8. So we need another solution.

Try as I might to find another extension point to prevent the session creation, I could not. In the end I just copied the com.sun.faces.application.view.FaceletViewHandlerStrategy source into my project and patched the file myself by commenting out the line below.

        if (ctxAttributes.containsKey("facelets.Encoding")) {
            encoding = (String) ctxAttributes.get("facelets.Encoding");
            if (LOGGER.isLoggable(Level.FINEST)) {
                LOGGER.log(Level.FINEST,
                           "Facelet specified alternate encoding {0}",
                           encoding);
            }
            //sessionMap.put(ViewHandler.CHARACTER_ENCODING_KEY, encoding);
        }

Dodgy, but effective.

About Roger Keays

Roger Keays is an artist, an engineer, and a student of life. He has no fixed address and has left footprints on 40-something different countries around the world. Roger is addicted to surfing. His other interests are music, psychology, languages, the proper use of semicolons, and finding good food.