Commit Graph

636 Commits

Author SHA1 Message Date
Juergen Hoeller
cc33d3fac8 Polishing 2015-02-25 19:05:06 +01:00
Brian Clozel
1705930c8e Merge pull request #735 from rjozwik/fix-huc-is-reserved
Fix reserved set definition according to appendix A of RFC 3986
2015-02-23 10:09:23 +01:00
Juergen Hoeller
7191050e26 Revised common validation methods in AbstractMessageConverterMethodArgumentResolver
The protected validation methods are analogous to ModelAttributeMethodProcessor now.

Issue: SPR-12655
2015-02-19 23:37:07 +01:00
Sebastien Deleuze
90e6304b49 Adjust log level for invalid SockJS or Websocket requests 2015-02-19 16:52:19 +01:00
Sebastien Deleuze
40cbede7f3 Improve error handling in WebUtils.isValidOrigin()
With this commit, WebUtils.isValidOrigin() logs an error message instead
of throwing an IllegalArgumentException when Origin header value is
invalid (for example when it does not contain the scheme).

Issue: SPR-12697
2015-02-19 16:51:58 +01:00
Juergen Hoeller
2135e70f36 Polishing 2015-02-18 17:59:32 +01:00
Juergen Hoeller
0c15a54007 Polishing 2015-02-18 16:45:16 +01:00
Sebastien Deleuze
6062e15572 Change SockJS and Websocket default allowedOrigins to same origin
This commit adds support for a same origin check that compares
Origin header to Host header. It also changes the default setting
from all origins allowed to only same origin allowed.

Issues: SPR-12697, SPR-12685
2015-02-18 09:30:15 +01:00
Juergen Hoeller
77fcf21401 Refined Jackson configuration enhancements
Issue: SPR-12594
Issue: SPR-12634
2015-02-11 20:37:04 +01:00
Radosław Józwik
6d734f2340 Fix reserved set definition according to appendix A of RFC 3986
I have signed and agree to the terms of the SpringSource Individual
Contributor License Agreement.
2015-02-10 23:17:59 +01:00
Juergen Hoeller
f58abd3d9a Polishing (forward-ported from 4.1.x) 2015-02-10 23:04:12 +01:00
Juergen Hoeller
058714b03a Polishing 2015-02-10 19:30:59 +01:00
Juergen Hoeller
7585be85f3 Revised validation javadoc, plus protected validate/isBindingErrorFatal template methods
Issue: SPR-12655
2015-02-10 19:28:30 +01:00
Rossen Stoyanchev
f84c458aba Add fromHttpRequest to UriComponentsBuilder
Before this change, detection of X-Forwarded-* headers was only built
into ServletUriComponentsBuilder.

This change adds a new method for creating a UriComponentsBuilder from
an existing HttpRequest. This is equivalent to the fromUri method +
X-Forwarded-* header values.
2015-02-10 06:53:14 +01:00
Sebastien Deleuze
b215d4c29e Add modulesToInstall(Modules...) to Jackson builder
This commit also adds a modules(Module...) method in addition to
modules(List<Module> modules) in order to be consistent with other
parts of the API.

Issue: SPR-12634
2015-02-03 11:58:21 +01:00
Rossen Stoyanchev
78f3a3cb11 Update javadoc for MultipartFile.transferTo
Issue: SPR-12650
2015-02-02 17:29:39 -05:00
Rossen Stoyanchev
fd426aaa4d Update Netty4ClientHttpRequestFactory buffer size
Before this change, the maxRequestSize property was used (incorrectly)
to limit both the size of the request and response. The change:

- removes maxRequestSize and therefore no longer places limits on the
size of the request thus matching to AbstractBufferingClientHttpRequest
which is the base class for other buffering client implementations.

- adds maxResponseSize property required to create Netty's
HttpObjectAggregator for aggregating responses.

Issue: SPR-12623
2015-02-02 15:50:22 -05:00
Rossen Stoyanchev
a32b5e61d0 Add support for Server-Sent Events
This commit adds ResponseBodyEmitter and SseEmitter (and also
ResponseEntity<ResponseBodyEmitter> and ResponseEntity<SseEmitter>) as
new return value types supported on @RequestMapping controller methods.

See Javadoc on respective types for more details.

Issue: SPR-12212
2015-01-29 17:55:09 -05:00
Sebastien Deleuze
ccb1c13951 Use UTC timezone in Jackson builder and factory tests
Issue: SPR-12634
2015-01-26 15:59:15 +01:00
Brian Clozel
cf86ecddb5 Avoid loss of body content in AbstractRequestLoggingFilter
Prior to this commit, the `ContentCachingRequestWrapper` class would
cache the response content only if the reponse would be consumed using
its InputStream. In case of a Form request, Spring MVC consumes the
response using the `getParameter*` Servlet API methods. This causes the
cached content to never be written.

This commit makes the `ContentCachingResponseWrapper` write the request
body to the cache buffer by using the `getParameter*` API, thus avoiding
those issues.

Issue: SPR-7913
2015-01-26 11:41:34 +01:00
Sebastien Deleuze
5fb6d6d89c Allow Jackson builder modules configuration to be customized
Modules (well-known or user provided) registration is now performed
first in order to allow their configuration to be customized by more
specific ones like custom serializers or deserializers.

Issue: SPR-12634
2015-01-26 11:08:08 +01:00
Juergen Hoeller
d4dac250a8 AbstractRequestLoggingFilter allows for dedicated shouldLog check in CommonsRequestLoggingFilter
Issue: SPR-12609
2015-01-20 16:01:53 +01:00
Sebastien Deleuze
bf7a9754d5 Avoid using Java 8 ZoneId class
Issue: SPR-12594
2015-01-20 15:24:55 +01:00
Sebastien Deleuze
b89e62e5f6 Support specifying Jackson TimeZone and Locale
Issue: SPR-12594
2015-01-20 14:57:14 +01:00
Sam Brannen
c50df0c420 Polish MessageBodyClientHttpResponseWrapper
Added missing copyright clause and fixed @since version.
2015-01-08 18:02:00 +01:00
Brian Clozel
b6675b6167 Revisit empty body response support in HTTP client
Prior to this commit, HTTP responses without body (response status 204
or 304, Content-Length: 0) were handled properly by RestTemplates. But
some other cases were not properly managed, throwing exceptions for
valid HTTP responses.

This commit better handles HTTP responses, using a response wrapper that
can tell if a response:

* has no message body (HTTP status 1XX, 204, 304 or Content-Length:0)
* has an empty message body

This covers rfc7230 Section 3.3.3.

Issue: SPR-8016
2015-01-08 17:34:39 +01:00
Craig Andrews
213a3fd779 Performance improvements in ShallowEtagHeaderFilter
Prior to this change, the ShallowEtagHeaderFilter would use a
ResizableByteArrayOutputStream to internally write data and calculate
the ETag. While that implementation is faster than the regular
ByteArrayOutputStream (since it has a better strategy for growing the
internal buffer), a lot of buffer copying/writing still happens.

This change adds a new FastByteArrayOutputStream implementation that
internally uses a LinkedList<Byte[]> to store the content. So when
writing bytes to that OutputStream implementation, new byte[] are
added to the list when the previous ones are full. This saves most
of the instantiating/copying operations.

Note that new methods were added in DigestUtils to allow usage of
Streams instead of byte[], which is more efficient in our case.

Fixes #653

Issue: SPR-12081
2015-01-08 16:08:09 +01:00
Stephane Nicoll
bce145c06e Merged HttpClient defaults with local customizations
Update HttpComponents wrapper to merge local customizations with the
default of the current HttpClient instead of overriding everything.

This is available as from HttpComponents 4.4. that exposes the default
request config from the  client via the Configurable interface. If the
client does not implement such interface, the previous behaviour is
applied

Issue: SPR-12583
2015-01-05 14:28:47 +01:00
Brian Clozel
e02719e5e3 Fix path mapping issue in default servlet mode
Prior to this commit, some requests would be wrongly mapped to "/" when:

* requests ends with "//" such as "/foo/bar//"
* the DispatcherServlet is mapped as the default ("/")
* the app container sanitizes the servletPath

In those cases, the path extraction algorithm was wrongly guessing the
path of the current request.

This commit detects if the app container sanitized the servletPath for
the current request. If so, it uses a sanitized version of the
requestUri to extract the path information.

Issue: SPR-12372
2014-12-31 14:08:49 +01:00
Sam Brannen
40449e2741 Suppress warnings in tests
This commit suppresses warnings in test classes that were polluting the
Gradle build output.
2014-12-31 02:10:30 +01:00
Juergen Hoeller
9ac02b319d Remove pre-3.2 deprecated classes and methods
Issue: SPR-12578
2014-12-30 20:05:15 +01:00
Juergen Hoeller
fad76336f6 Polishing 2014-12-30 15:26:43 +01:00
Juergen Hoeller
730bd02da7 Polishing 2014-12-30 15:01:51 +01:00
Juergen Hoeller
86b8112c90 Polishing 2014-12-29 15:13:40 +01:00
Stephane Nicoll
71783c5d86 Allow default settings of a custom HttpClient to apply
Previously the default settings of a custom HttpClient were always
ignored since a RequestConfig instance was always set no matter if
some customizations were applied or not.

This commit keeps an internal RequestConfig object instance that is
only initialized if the user applies a customization. If he does not, the
default settings of the HttpClient are used as it should.

Note that if the HttpComponents API exposed the default RequestConfig
of a given HttpClient, we would be able to merge our customizations with
the one specified by the client. Unfortunately, such API does not exist
and the "defaultSettingsOfHttpClientLostOnExecutorCustomization" test
illustrates that limitation.

Issue: SPR-12540
2014-12-29 09:36:54 +01:00
Rossen Stoyanchev
ea05e0b1ad Improve @SessionAttributes support during redirect
Before this change attributes listed with @SessionAttributes would not
be saved in the session when there was a redirect and the controller
method declared a parameter of type RedirectAttributes.

This change ensures it's the "default" model that is always the one
checked for @SessionAttributes under all circumstances since
RedirectAttributes is really only meant to provide String values to
insert into or append to the the redirect URL.

Issue: SPR-12542
2014-12-23 14:24:44 -05:00
Rossen Stoyanchev
ea2943feca Polish ModelAndViewContainer and update tests 2014-12-23 14:24:43 -05:00
Juergen Hoeller
c114c08922 Preparations for Jackson 2.5
Issue: SPR-12565
2014-12-22 18:46:57 +01:00
Stephane Nicoll
aafdcecf53 Customize connection request timeout
Prior to this commit it was not possible to easily customize the
connection request timeout used by the HttpClient. Both
`HttpComponentsClientHttpRequestFactory` and
`HttpComponentsClientHttpRequestFactoryTests` have been updated to
support a `connectionRequestTimeout` property.

Issue: SPR-12166
2014-12-22 16:31:07 +01:00
Stephane Nicoll
24b82746b5 Polish upgrade to HttpComponents 4.3
Polish fbe605123 to make explicit the fact that a null RequestConfig
can be used to force the defaults of the current HttpClient.

Issue: SPR-11113
2014-12-22 14:31:24 +01:00
Stephane Nicoll
fbe6051233 Upgrade HttpComponentsHIRE to HttpComponents 4.3
Previously, HttpComponentsHttpInvokerRequestExecutor was not compatible
with the new API of HttpComponents 4.3. Specifically, it is not possible
to update the socket and read timeouts on the HttpClient itself anymore.

We actually already updated HttpComponentsClientHttpRequestFactory for a
similar problem in SPR-11442: if we detect an older HttpClient
implementation, we update the timeout directly on the client. If that's
not the case, we keep the value in the factory itself and use it when a
new HttpRequest needs to be created.

This commit also uses the new API to create a default HttpClient and
therefore requires HttpComponents 4.3. As mentioned above, it is still
possible to use deprecated HttpClient instances against this executor.

Issue: SPR-11113
2014-12-22 11:02:32 +01:00
Rossen Stoyanchev
0524a82c09 Update unprocessableEntity to allow body
Issue: SPR-12515
2014-12-08 16:19:52 -05:00
Juergen Hoeller
1daa5eb383 ResponseEntity provides static "unprocessableEntity()" convenience method as well
Issue: SPR-12515
2014-12-07 15:34:39 +01:00
Rossen Stoyanchev
189ec75789 Add ability to clone to UriComponentsBuilder hierarchy
Issue: SPR-12494
2014-12-05 12:16:15 -05:00
Sebastien Deleuze
2fccf3ff44 Add support for autowiring Jackson handlers
This commit introduces the SpringHandlerInstantiator
class, a Jackson HandlerInstantiator that allows to autowire
Jackson handlers (JsonSerializer, JsonDeserializer, KeyDeserializer,
TypeResolverBuilder and TypeIdResolver) if needed.

SpringHandlerInstantiator is automatically used with
@EnableWebMvc and <mvc:annotation-driven />.

Issue: SPR-10768
2014-12-05 17:37:28 +01:00
Juergen Hoeller
d1f8968595 ControllerAdvice basePackages specifically refer to actual packages (avoiding accidental prefix matches with other packages)
Issue: SPR-12509
2014-12-05 13:25:48 +01:00
Brian Clozel
98870251f9 Better empty response body support in RestTemplate
Prior to this change, RestTemplate returned an empty response body if:

* HTTP return status 204 or 304
* Content-length header equals 0

This change adds a new condition for this, better supporting RFC7230
section 3.4, for connections that are closed without response body:

* No Content-length header
* No Transfer-encoding: chunked header value
* a Connection: close header value

See SPR-7911 for previous efforts in that space.

Issue: SPR-8016
2014-12-05 09:57:41 +01:00
Brian Clozel
b2878a4f60 Merge pull request #704 from aantono/master
Fixed the output stream incomplete data by explicitly flushing the OutputStreamWriter
2014-12-05 09:51:55 +01:00
Alex Antonov
bf8d99d7e4 Fixed the output stream incomplete data by explicitly flushing the OutputStreamWriter 2014-12-04 16:46:15 -06:00
Juergen Hoeller
4013fe03a5 Revised ControllerAdvice basePackages handling (based on package names instead of java.lang.Package)
Issue: SPR-12506
2014-12-04 17:56:01 +01:00