The only actual difference between the HttpServletResponse encodeURL and encodeRedirectURL methods, at least
in the Tomcat and Glassfish reference implementations, seems to be when actually inserting a sessionID into an
empty-string URL. For an empty-string URL, the encodeURL method inserts the session ID into the equivalent absolute URL
rather than using the given empty string, whereas the encodeRedirectURL method treats empty-string URLs the same way
as any other URL. The reference implementation source code justifies this with the comment "W3c spec clearly said"
but gives no further details, and the exact reason for this difference remains somewhat unclear.