Commit Graph

594 Commits

Author SHA1 Message Date
Rossen Stoyanchev
4a423e50a8 Add fromHttpRequest to UriComponentsBuilder
Before this change, detection of X-Forwarded-* headers was only built
into ServletUriComponentsBuilder.

This change adds a new method for creating a UriComponentsBuilder from
an existing HttpRequest. This is equivalent to the fromUri method +
X-Forwarded-* header values.
2015-02-10 06:54:10 +01:00
Brian Clozel
d57f7f8783 Sort handler matches in ResourceUrlProvider
Prior to this change, the `ResourceUrlProvider.getForLookupPath` method
would try to match handlers using the keySet order in the
handlerMappings Map. In case of several matches, the handler used for
the return value could vary, since the registration order in the
handlerMappings can't be guaranteed in the configuration.

This commit now collects all matching handlers and sort them using a
`PatternComparator`, in order to try each handler from the most specific
mapping to the least.

Issue: SPR-12647
2015-02-09 15:08:54 +01:00
Brian Clozel
f902fb911c Initialize ResourceUrlProvider only once
Prior to this change, the ResourceUrlProvider would listen to
ContextRefreshedEvents and autodetect resource handlers each time. This
can cause issues when multiple contexts are involved and the last one
has no resource handler, thus clearing the previously detected ones.

This commit disables resource handlers auto-detection once some have
been detected with a refreshed context.

Issue: SPR-12592
2015-02-09 15:08:15 +01:00
Brian Clozel
77c8aa53ae Allow relative paths within resource location path
Prior to this change, location paths used for resource handling would
not allow "non-cleaned, relative paths" such as
`file://home/user/static/../static/`. When checking if the resolved
resource's path starts with the location path, a mismatch would happen
when comparing for example:

* the location `file://home/user/static/../static/`
* and the resource `file://home/user/static/resource.txt`

This commit cleans the location path before comparing it to the resource
path.

Issue: SPR-12624
2015-02-09 15:07:52 +01:00
Brian Clozel
bb5da15e1c Allow protocol relative URLs in CssLink Transformer
This commit allows the use of "protcol relative URLs" (i.e. URLs without
scheme, starting with `//`), often used to serve resources automatically
from https or http with third party domains.

This syntax is allowed by RFC 3986.

Issue: SPR-12632
2015-02-09 15:07:34 +01:00
Brian Clozel
0c8d07fcff Fix context-relative default value in XML parsing
This commit fixes the default value for the contextRelative attribute of
a RedirectView, when this view is registered via a
RedirectViewController in XML. The value is set to true.

Note that the default value for this is correctly documented in
spring-mvc-4.1.xsd. Also, the documentation and implementation for its
javadoc counterpart also enforces true as a default value.

Issue: SPR-12607
2015-02-09 15:07:06 +01:00
Rossen Stoyanchev
7621cc787d Remove ISE in ResourceUrlProvider
Issue: SPR-12630
2015-01-22 17:09:42 -05:00
Rossen Stoyanchev
cdaf4497b6 Remove logging statement in ResponseBodyAdviceChain
Issue: SPR-12616
2015-01-20 17:23:47 -05:00
Juergen Hoeller
9542313710 Polishing 2014-12-30 15:29:48 +01:00
Juergen Hoeller
dcb821edb5 Polishing
(cherry picked from commit 730bd02)
2014-12-30 15:07:19 +01:00
Juergen Hoeller
86b8112c90 Polishing 2014-12-29 15:13:40 +01:00
Juergen Hoeller
6b3023c2aa HandlerExecutionChain prevents re-adding the interceptors array to the list (and declares varargs now)
Issue: SPR-12566
2014-12-23 18:27:49 +01:00
Rossen Stoyanchev
189ec75789 Add ability to clone to UriComponentsBuilder hierarchy
Issue: SPR-12494
2014-12-05 12:16:15 -05:00
Sebastien Deleuze
2fccf3ff44 Add support for autowiring Jackson handlers
This commit introduces the SpringHandlerInstantiator
class, a Jackson HandlerInstantiator that allows to autowire
Jackson handlers (JsonSerializer, JsonDeserializer, KeyDeserializer,
TypeResolverBuilder and TypeIdResolver) if needed.

SpringHandlerInstantiator is automatically used with
@EnableWebMvc and <mvc:annotation-driven />.

Issue: SPR-10768
2014-12-05 17:37:28 +01:00
Rossen Stoyanchev
ad65119a2c Polish ServletUriComponentsBuilder 2014-12-04 10:30:14 -05:00
Rossen Stoyanchev
7f11c1ee2f Also apply X-Forwarded-Prefix in fromContextPath
Issue: SPR-12500
2014-12-04 10:15:55 -05:00
Rossen Stoyanchev
d322bcfbf4 Use X-Forwarded-Prefix in ServletUriComponentsBuilder
Issue: SPR-12500
2014-12-03 13:46:25 -05:00
Rossen Stoyanchev
7aa5e65235 Add info on intercepting static resource requests
Issue: SPR-10655
2014-12-02 15:59:43 -05:00
Stephane Nicoll
1aad4da6b6 Remove compiler warning 2014-12-02 14:18:22 +01:00
Juergen Hoeller
2496d68e9f Relaxed final declarations and protected doInvoke methods
Issue: SPR-12484
2014-12-01 15:07:24 +01:00
Brian Clozel
b3bfa95e2b Fix ResourceUrlEncodingFilter with context mapping
Prior to this change, the ResourceUrlEncodingFilter would work well when
the application is mapped to "/". But when mapped to a non-empty servlet
context, this filter would not properly encode URLs and apply
ResourceResolver URL resolution for resources.

This commit makes sure that the lookup path is properly resolved in the
request URI, taking into account the servlet context.

Issue: SPR-12459
2014-11-26 14:56:24 +01:00
Rossen Stoyanchev
24834f6d2f Add extendMessageConverters to WebMvcConfigurer
Issue: SPR-12450
2014-11-25 10:11:10 -05:00
Juergen Hoeller
929cda6790 Allow custom @Validated annotations for handler method parameters
Issue: SPR-12406
2014-11-24 23:34:24 +01:00
Juergen Hoeller
51bed18e61 Resource resolution and message escaping tests pass on Windows again 2014-11-24 15:06:44 +01:00
Brian Clozel
161d3e3049 Fix location checks for servlet 3 resources
SPR-12354 applied new checks to make sure that served static resources
are under authorized locations.

Prior to this change, serving static resources from Servlet 3 locations
such as "/webjars/" would not work since those locations can be within
one of the JARs on path. In that case, the checkLocation method would
return false and disallow serving that static resource.

This change fixes this issue by making sure to call the
`ServletContextResource.getPath()` method for servlet context resources.

Note that there's a known workaround for this issue, which is using a
classpath scheme as location, such as:
"classpath:/META-INF/resources/webjars/" instead of "/webjars".

Issue: SPR-12432
2014-11-24 14:08:54 +01:00
Juergen Hoeller
223d849a14 Polishing 2014-11-23 00:12:02 +01:00
Juergen Hoeller
2675ce7c9f Polishing 2014-11-22 18:05:35 +01:00
Juergen Hoeller
ece2c90e91 RequestMappingHandlerAdapter allows for overriding handleInternal
Issue: SPR-12460
2014-11-22 17:37:45 +01:00
Juergen Hoeller
282adeda88 Unit test for JavaBeans introspection against FreeMarker Configuration class
Issue: SPR-12448
2014-11-22 16:47:19 +01:00
Rossen Stoyanchev
9cef8e3001 Apply extra checks to static resource handling
- remove leading '/' and control chars
- improve url and relative path checks
- account for URL encoding
- add isResourceUnderLocation final verification

Issue: SPR-12354
2014-11-11 07:12:44 +01:00
Juergen Hoeller
9ff8a01f29 Polishing 2014-11-07 17:14:50 +01:00
Juergen Hoeller
6a96850aa7 Polishing 2014-11-06 14:29:43 +01:00
Sam Brannen
c78fd204df Explicitly mention DelegatingWebMvcConfiguration in @EnableWebMvc Javadoc 2014-11-03 17:42:17 +01:00
Juergen Hoeller
285dca027b Polishing
(cherry picked from commit acefd83)
2014-11-02 11:48:09 +01:00
Juergen Hoeller
a9c47df0c1 Polishing 2014-11-01 14:05:32 +01:00
Juergen Hoeller
97ea43681b Polishing 2014-11-01 09:13:34 +01:00
Sebastien Deleuze
cfa3d358d5 Add an alwaysInclude property to TilesViewResolver
Issue: SPR-12374
2014-10-31 19:39:29 +01:00
Juergen Hoeller
1146d5ba1d Polishing 2014-10-29 22:44:59 +01:00
Sebastien Deleuze
17b9bde336 Set ResponseStatusExceptionResolver.messageSource in the MVC Java config
Issue: SPR-12380
2014-10-28 13:44:13 +01:00
Rossen Stoyanchev
da612d079f Replace "if(" with "if (" 2014-10-27 09:04:23 -04:00
Brian Clozel
a0c210457b Use response encoding when escaping HTML
With SPR-9293, it is now possible to HTML escape text while taking into
account the current response encoding. When using UTF-* encodings, only
XML markup significant characters are escaped, since UTF-* natively
support those characters.

This commit adds a new servlet context parameter to enable this fix by
default in a Spring MVC application:

    <context-param>
      <param-name>responseEncodedHtmlEscape</param-name>
      <param-value>true</param-value>
    </context-param>

Issue: SPR-12350, SPR-12132
2014-10-24 11:53:47 +02:00
Juergen Hoeller
cb860364dd TilesConfigurer defensively expects null from getResources in case of no resources found
Also includes order preservation for resource results with Tiles 2 as well as retrieval failure logging with Tiles 3.

Issue: SPR-12362
2014-10-23 17:23:52 +02:00
Rossen Stoyanchev
051c5fb66a Update javadoc 2014-10-22 22:28:21 -04:00
Sam Brannen
4412bc68aa Polish Javadoc 2014-10-23 01:06:12 +02:00
Brian Clozel
a011b360d1 Polish SPR-12286
Issue: SPR-12286
2014-10-22 21:15:34 +02:00
Brian Clozel
86d97baf65 Allow defining default content negotiation strategy
During the HTTP Content Negotiation phase, the ContentNegotiationManager
uses configured ContentNegotiationStrategy(ies) to define the list of
content types accepted by the client.

When HTTP clients don't send Accept headers, nor use a configured
file extension in the request, nor a request param, developers can
define a default content type using the
ContentNegotiationConfigurer.defaultContentType() method.

This change adds a new overloaded defaultContentType method that takes a
ContentNegotiationStrategy as an argument. This strategy will take the
current request as an argument and return a default content type.

Issue: SPR-12286
2014-10-22 16:32:12 +02:00
Sam Brannen
6e5907ff39 Add missing text to CachingResourceTransformer Javadoc 2014-10-21 16:11:15 +02:00
Juergen Hoeller
8325b10080 Consistent formatting of license headers, package javadocs, and import declarations 2014-10-21 01:44:07 +02:00
Rossen Stoyanchev
c5e360d886 Fix regression with raw ResponseEntity type
This fix addresses a 4.1.1 regression where a raw ResponseEntity return
value (used to return potentially a different kind of body) caused an
exception.

The regression came from the fact we now try to render a null body in
order to give ResponseBodyAdvice a chance to substitute a different
value. That in turn means we have to try to determine the body type
from the method signature.

This change improves the logic for extracting the generic parameter
type to accommodate a raw ResponseEntity class. Also we avoid raising
HttpMediaTypeNotAcceptableException if the value to be rendered is
null.

Issue: SPR-12287
2014-10-17 13:21:08 -04:00
Rossen Stoyanchev
3d96c883d1 Cache lookup path in ResourceUrlEncodingFilter
Commit https://github.com/spring-projects/spring-framework/commit/2b97d6
introduced a change where the path within the DispatcherServlet is
determined with each call to ResourceUrlProvider.getForRequestUrl.

To avoid repeating that every time a URL is encoded through the
response, we now cache the result of the lookupPath determination in
ResourceUrlEncodingFilter.

Issue: SPR-12332
2014-10-16 22:01:26 -04:00