5373 Commits

Author SHA1 Message Date
Brian Clozel
696692f1ed Do not attempt to decode wildcard content-types as form-data
Prior to this commit, the `DefaultServerWebExchange` would attempt to
decode request bodies as form-data or multipart of the request
content-type was compatible with the expected media types.

If requests are sent with an invalid wildcard content-type such as "*/*"
or "multipart/*", we should not attempt to decode here.

Fixes gh-34660
2025-06-16 15:51:47 +02:00
Brian Clozel
8dee7d8fb6 Use concrete form-data type when reading request body
Prior to this commit, the WebFlux server support would try reading
form-data from the request by:

* first, checking that request content-type is compatible with a
  form-data content-type
* then by selecting a message reader that is compatible with the given
  request content-type

This approach is flawed because if the content-type provided by the
request is too broad, another message reader could be selected that's
not meant to be used for reading form-data. Typically, a JSON message
reader could be selected and would fail when reading the request.
This problem was previously hidden because message readers would not
support `MultiValueMap` as a target type. Now that some readers support
this type, this can lead to deserialization errors.

This commit now ensures that in all cases, we attempt to read form-data
with a message reader that supports the
"application/x-www-form-urlencoded" media type.

Fixes gh-34660
2025-06-13 16:45:46 +02:00
Brian Clozel
f0e7b42704 Encode non-printable character in Content-Disposition parameter
Prior to this commit, the "filename" parameter value for the
"Content-Disposition" header would contain non-printable characters,
causing parsing issues for HTTP clients.
This commit ensures that all non-printable characters are encoded.

Fixes gh-35034
2025-06-12 08:39:29 +02:00
Johnny Lim
e86dc9ad95 Apply gh-34856 to MockClientHttpRequest in testfixture package
Closes gh-35031

Signed-off-by: Johnny Lim <izeye@naver.com>
2025-06-11 17:40:54 +02:00
Sam Brannen
4d2cc4ae97 Polish contribution
See gh-35013
2025-06-10 11:45:20 +02:00
Mohammad Saeed Nouri
c04902fefb Allow update of existing WebSession after max sessions limit is reached
Previously, when saving a WebSession, the system did not check whether
the session ID already existed. As a result, even if the session being
saved was an update to an existing one, it was incorrectly treated as a
new session, and a "maximum sessions exceeded" error was triggered.

This fix ensures that if a WebSession with the same ID already exists,
it will be updated rather than counted as a new session, thereby
preventing unnecessary session limit violations.

Closes gh-35013

Signed-off-by: Mohammad Saeed Nouri <msnsaeed71@gmail.com>
2025-06-10 11:44:59 +02:00
Sam Brannen
3c265e1044 Fix InMemoryWebSessionStoreTests.startsSessionImplicitly() test 2025-06-10 11:44:00 +02:00
Sam Brannen
222702f750 Polish WebSession support and tests 2025-06-10 11:43:56 +02:00
Sam Brannen
18d6a55e3e Polishing and removal of "this." for method invocations 2025-06-09 14:10:30 +02:00
rstoyanchev
4782c697b8 Improve RestControllerAdvice documentation
Closes gh-34866
2025-06-06 15:28:28 +01:00
rstoyanchev
de52090959 Polishing contribution
Closes gh-34554
2025-06-06 15:28:28 +01:00
Vedran Pavic
4d862b871d Improve Javadoc for @ExceptionHandler
This commit adds `ProblemDetail` and `ErrorResponse` to the list of
supported return types for `@ExceptionHandler` methods.

Closes gh-34554

Signed-off-by: Vedran Pavic <vedran@vedranpavic.com>
2025-06-06 15:28:28 +01:00
Sébastien Deleuze
a439e9030f Fix collection support in AbstractKotlinSerializationHttpMessageConverter
AbstractKotlinSerializationHttpMessageConverter#getSupportedMediaTypes(Class<?>)
currently invokes transitively supports(Class<?>) which always return false
with generic types.

This commit adds an override that just invokes getSupportedMediaTypes().

Closes gh-34992
2025-06-05 12:02:22 +02:00
Brian Clozel
4a46d957f3 Fix out of bounds exception for PathPattern#combine
Prior to this commit, combining the "/*" and  "/x/y" path patterns
would result in a `StringIndexOutOfBoundsException`.

This commit fixes this problem and revisits the implementation for
better consistency:

* "/*" + "/x/y" is now "/x/y"
* "/x/*.html" + "/y/file.*" is now rejected because they don't share the
  same prefix.

This change also adds the relevant Javadoc to the `PathPattern#combine`
method.

Fixes gh-34986
2025-06-04 20:18:33 +02:00
Sam Brannen
4df93a825b Update copyright headers and fix test method name 2025-06-04 11:28:55 +02:00
Tran Ngoc Nhan
3f0892b42c Fix typos
Closes gh-34876

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-06-03 18:55:15 +01:00
Johnny Lim
bbae625850 Add Javadoc since for gh-34745
Closes gh-34940

Signed-off-by: Johnny Lim <izeye@naver.com>
2025-06-03 18:06:24 +02:00
Brian Clozel
659472f9e3 Use HTTP methods in JdkClientHttpRequest when possible
Prior to this commit, we would use the
`java.net.http.HttpRequest.Builder#method(String, BodyPublisher)` to
create HTTP requests for the JDK HttpClient. This method requires a
non-null body publisher; providing an empty publisher writes a
"Content-Length: 0" header to all requests.

As of Java 19, this behavior changes for `HttpRequest.Builder#GET` and
similar methods, where the body publisher is considered as null and no
"Content-Length" header is written.

This commit aligns with this behavior and favors dedicated HTTP methods
whenever available.`

Closes gh-34971
2025-06-02 15:36:20 +02:00
Sam Brannen
e4b4512bcb Update code due to change in nullability contract
See gh-34933
2025-05-22 17:43:38 +02:00
Brian Clozel
2af0323c21 Use Content-Type charset in JAXB message converters
Prior to this commit, the JAXB message converters would only rely on the
encoding declaration inside the XML document for reading the document.
This would then use the default UTF-8 encoding, even if the HTTP message
has the `"application/xml;charset=iso-8859-1"` Content-Type.

This commit ensures that both `Jaxb2CollectionHttpMessageConverter` and
`Jaxb2RootElementHttpMessageConverter` use the encoding declared in the
HTTP Content-Type, if present.

Fixes gh-34745
2025-05-19 16:57:57 +02:00
Brian Clozel
fdab8fabd2 Avoid duplicate Content-Type in MockHttpServletRequest
Fixes gh-34913
2025-05-19 12:04:46 +02:00
Juergen Hoeller
73f1c5a189 Polishing 2025-05-13 16:08:57 +02:00
Brian Clozel
6f11711e27 Fix HttpClient 5.3.x request config compatibility
As of gh-33806, the HttpComponents client request factory is forward
compatible with the 5.4+ versions of that library for configuring HTTP
request configuration.

This change would not tkae into account configuration set at the Spring
level because it would consider the default `RequestConfig` instance as
a custom one. This commit ensures that Spring sets its own configuration
if no custom configuration was set for all supported HttpComponents
generations.

Fixes gh-34851
2025-05-05 14:38:30 +02:00
Juergen Hoeller
4466548f53 Align parameter javadoc with nullable signature
Closes gh-34845
2025-04-30 17:55:39 +02:00
rstoyanchev
c88ba6c90e Polishing contribution
Closes gh-34812
2025-04-28 14:23:30 +01:00
Yanming Zhou
d7c13d6518 HttpEntity.EMPTY should be immutable
See gh-34812

Signed-off-by: Yanming Zhou <zhouyanming@gmail.com>
2025-04-28 14:22:59 +01:00
rstoyanchev
c48ff357dc HTTP Service proxy sets body type
Closes gh-34793
2025-04-25 21:03:00 +01:00
Sébastien Deleuze
56eb135608 Fix AbstractJackson2HttpMessageConverter nullness
This commit makes AbstractJackson2HttpMessageConverter#getObjectMappersForType
return value non nullable as an empty map is returned in case of no
registrations.

Closes gh-34811
2025-04-24 10:37:30 +02:00
rstoyanchev
858c2bd270 Polishing contribution
Closes gh-34783
2025-04-23 10:54:52 +01:00
whl
124582d910 Fix expansion of query param with same name
See gh-34783

Signed-off-by: whl <whlit.cola@gmail.com>
2025-04-23 10:54:52 +01:00
Sam Brannen
7095f4cb66 Use proper casing for parameter and variable names 2025-04-14 11:25:40 +02:00
Sam Brannen
a22d204681 Remove duplicate words in Java source code
Discovered using regular expression: \b(\w+)\s+\1\b[^(}]
2025-04-14 11:24:55 +02:00
Sam Brannen
cd987fc104 Update Javadoc to stop mentioning 5.3.x as the status quo
Closes gh-34740
2025-04-10 16:40:04 +02:00
Sam Brannen
8f9cbcd86d Add @⁠since tags
See gh-34692
2025-04-03 10:33:19 +02:00
Taeik Lim
a946fe2bf8 Fix broken link for Server-Sent Events
Signed-off-by: Taeik Lim <sibera21@gmail.com>
Closes gh-34705
2025-04-02 17:43:42 +02:00
Sébastien Deleuze
671d972454 Add RestClient.RequestHeadersSpec#exchangeForRequiredValue
This commit adds a variant to RestClient.RequestHeadersSpec#exchange
suitable for functions returning non-null values.

Closes gh-34692
2025-04-02 17:10:01 +02:00
Sébastien Deleuze
d9047d39e6 Refine ExchangeFunction Javadoc
See gh-34692
2025-04-02 17:10:01 +02:00
Sébastien Deleuze
4db12806d1 Revert "Add a requiredExchange extension to RestClient"
This reverts commit dcb9383ba1.

See gh-34692
2025-04-02 17:10:01 +02:00
rstoyanchev
290c9c4a19 Use form charset in ServletServerHttpRequest
Closes gh-34675
2025-04-02 09:05:52 +01:00
rstoyanchev
e01ad5a08d Polishing in ServletServerHttpRequest
See gh-34675
2025-04-02 09:05:52 +01:00
Sam Brannen
36d9357f94 Fix Kotlin compilation errors 2025-03-31 12:02:51 +02:00
Sébastien Deleuze
dcb9383ba1 Add a requiredExchange extension to RestClient
Closes gh-34692
2025-03-31 11:55:41 +02:00
Sam Brannen
9fd1d0c6a3 Polish Javadoc
This commit also reverts the change to ASM's SymbolTable class.

See gh-34679
2025-03-29 12:57:08 +01:00
Tran Ngoc Nhan
30fcaef813 Remove unnecessary closing curly brackets in Javadoc
Closes gh-34679

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-03-29 12:37:48 +01:00
Juergen Hoeller
47651350f3 Polishing 2025-03-21 10:58:40 +01:00
rstoyanchev
15c20c3e65 Fix regression with opaque URI determination
Before RfcUriParser we expected opaque URI's to not have ":/"
after the scheme while the new parser expect opaque URI's to
not have a slash anywhere after the scheme. This commit
restores the previous behavior.

Closes gh-34588
2025-03-21 09:05:41 +00:00
Sam Brannen
208d52d852 Introduce Checkstyle rule for separator symbol location 2025-03-19 15:35:44 +01:00
rstoyanchev
18c3b637e4 Fix dated Javadoc in MvcUriComponentsBuilder
related to forwarded headers

Closes gh-34615
2025-03-19 12:33:01 +00:00
rstoyanchev
37d7af42ac Allow setting ApplicationContext on MockServerWebExchange
Closes gh-34601
2025-03-19 11:06:38 +00:00
Sébastien Deleuze
0141725638 Polishing
Closes gh-34592
2025-03-18 17:50:28 +01:00