I have a problem with HttpServletResponse.encodeURL(). When I disable cookies in my web browser and connect to my application, it appears that encodeURL() encodes any URLs that do not start with a '/' appropriately using the session id. Nevertheless, all URLs that start with a '/' (i.e. are relative to the context root of the web app) are not encoded with the session id.
I have searched in the specs but could not find any mention of this. Is the current behavior as it should be or are we looking at a bug?