Commit Graph

645 Commits

Author SHA1 Message Date
Juergen Hoeller
6cdc208c73 Polishing 2015-05-23 00:09:58 +02:00
Juergen Hoeller
3c6f1f8352 Polishing 2015-05-22 17:24:40 +02:00
Juergen Hoeller
a8f75399f8 Javadoc fixes 2015-05-11 19:04:29 +02:00
Juergen Hoeller
ce4e795f09 Polishing 2015-05-11 18:05:09 +02:00
Juergen Hoeller
fb7476f543 InvocableHandlerMethod logs argument resolution exceptions at debug level
Issue: SPR-12925
(cherry picked from commit 10a51a4)
2015-05-11 15:34:57 +02:00
Juergen Hoeller
8f6ac19f50 HttpEntity and its subclasses insist on same target type for equality
Issue: SPR-12910
(cherry picked from commit af272c2)
2015-05-11 15:29:23 +02:00
Rossen Stoyanchev
b44044e36f Allow "ws" and "wss" for isValidCorsOrigin checks
Issue: SPR-12956
2015-05-04 11:02:55 -04:00
Arjen Poutsma
e799554ab8 Netty4ClientHttpRequest ignores query params
Before this commit, Netty4ClientHttpRequest ignored query parameters
(?foo=bar). This commit fixes that.

Issue: SPR-12779
(cherry picked from commit caee78a)
2015-04-01 17:11:50 +02:00
Juergen Hoeller
35bf96763d Polishing 2015-03-31 18:42:28 +02:00
Juergen Hoeller
52ed9b7106 Consistent javadoc param declarations for type variables
(cherry picked from commit d23893f)
2015-03-25 01:02:40 +01:00
Juergen Hoeller
673dac5620 Removed outdated references to Servlet 2.3/2.4 2015-03-24 21:21:18 +01:00
Juergen Hoeller
8d14e7736a Polishing
(cherry picked from commit 162ee36)
2015-03-21 00:35:08 +01:00
Juergen Hoeller
5f95ff6bfd Optimized access to resolved bean type (avoiding BeanFactory locks)
Revised HandlerMethod.getBeanType() impl for both web and messaging.
In addition, HandlerMethods get created with the internal BeanFactory now.

Issue: SPR-12832
(cherry picked from commit 898c24f)
2015-03-20 23:58:22 +01:00
Juergen Hoeller
ce84fafde4 ContentCachingRequestWrapper converts IOException to IllegalStateException
Issue: SPR-12810
2015-03-13 20:19:31 +01:00
Juergen Hoeller
b352dbfdeb Polishing (in particular updating javadoc references to Apache Commons)
(cherry picked from commit bc6a98c)
2015-03-13 20:13:21 +01:00
Rossen Stoyanchev
f42c53d9be Support comma-separated X-Forwarded-Proto
Issue: SPR-12816
2015-03-13 13:05:11 -04:00
Brian Clozel
151e96cac4 Fix InputStream caching in ContentCachingReqWrapper
Prior to this commit, the ContentCachingRequestWrapper would immediately
consume the wrapped request's InputStream when asked for the cached
content; that caused several issues:

* the request body was read in memory even if it wasn't yet consumed by
the application, leading to inefficiencies.
* when requesting the InputStream, an empty InputStream was returned
since the original was already read.

This case only happened for form POSTs requests.

This commit makes sure that the wrapper does not alter the request
expected behavior:

* when getting the inputstream, it is wrapped in order to cache its
content
* when getting request parameters, the request body is cached and its
inputstream is consumed, as expected

Issue: SPR-12810
2015-03-13 16:11:17 +01:00
Rossen Stoyanchev
a522fa36af Support comma-separated X-Forwarded-Port
Issue: SPR-12813
2015-03-13 10:02:14 -04:00
Rossen Stoyanchev
5c463a1680 Move X-Forwarded-* tests to UriComponentsBuilderTests 2015-03-13 10:02:00 -04:00
Juergen Hoeller
cb6459c271 ResponseEntity's headers(HttpHeaders) accepts null value
Issue: SPR-12792
(cherry picked from commit 73e8021)
2015-03-10 15:19:06 +01:00
Juergen Hoeller
6b9e89118f StandardMultipartFile declares itself as Serializable now
Issue: SPR-12795
(cherry picked from commit 5ba7b89)
2015-03-10 15:18:43 +01:00
Juergen Hoeller
7ed7f981c9 Polishing
(cherry picked from commit b541fc9)
2015-03-06 18:50:49 +01:00
Rossen Stoyanchev
410fc6d763 UriComponentsBuilder.fromHttpRequest sets port correctly
Cherry-picked from commit d64c48 on master

Issue: SPR-12771
2015-03-05 21:54:46 -05:00
Juergen Hoeller
7eb4679f28 RestTemplate avoids use of warn level for response errors
Protected handleResponse method replaces former private logResponseStatus/handleResponseError methods.

Issue: SPR-12760
(cherry picked from commit 594a14a)
2015-02-27 22:33:55 +01:00
Juergen Hoeller
6be554cba5 Polishing
(cherry picked from commit cc33d3f)
2015-02-25 20:38:18 +01:00
Juergen Hoeller
d77af71e9c Revised common validation methods in AbstractMessageConverterMethodArgumentResolver
The protected validation methods are analogous to ModelAttributeMethodProcessor now.

Issue: SPR-12655
(cherry picked from commit 7191050)
2015-02-19 23:53:16 +01:00
Sebastien Deleuze
5db4e4bab0 Adjust log level for invalid SockJS or Websocket requests 2015-02-19 16:06:06 +01:00
Sebastien Deleuze
7cc56e1630 Improve error handling in WebUtils.isValidOrigin()
With this commit, WebUtils.isValidOrigin() logs an error message instead
of throwing an IllegalArgumentException when Origin header value is
invalid (for example when it does not contain the scheme).

Issue: SPR-12697
2015-02-19 14:12:10 +01:00
Juergen Hoeller
8dbe753963 Polishing 2015-02-18 17:54:16 +01:00
Sebastien Deleuze
23fa37b08b Change SockJS and Websocket default allowedOrigins to same origin
This commit adds support for a same origin check that compares
Origin header to Host header. It also changes the default setting
from all origins allowed to only same origin allowed.

Issues: SPR-12697, SPR-12685
(cherry picked from commit 6062e15)
2015-02-18 17:26:55 +01:00
Juergen Hoeller
fab8dd3d0b Combined backport of Jackson configuration enhancements: Locale/TimeZone settings, refined module configuration
Issue: SPR-12594
Issue: SPR-12634
2015-02-11 19:03:54 +01:00
Juergen Hoeller
0706889222 Polishing
(cherry picked from commit 058714b)
2015-02-10 22:58:16 +01:00
Juergen Hoeller
25644dbdb9 Revised validation javadoc, plus protected validate/isBindingErrorFatal template methods
Issue: SPR-12655
(cherry picked from commit 7585be8)
2015-02-10 22:00:11 +01:00
Rossen Stoyanchev
4a423e50a8 Add fromHttpRequest to UriComponentsBuilder
Before this change, detection of X-Forwarded-* headers was only built
into ServletUriComponentsBuilder.

This change adds a new method for creating a UriComponentsBuilder from
an existing HttpRequest. This is equivalent to the fromUri method +
X-Forwarded-* header values.
2015-02-10 06:54:10 +01:00
Brian Clozel
0225a7776c Revisit empty body response support in HTTP client
Prior to this commit, HTTP responses without body (response status 204
or 304, Content-Length: 0) were handled properly by RestTemplates. But
some other cases were not properly managed, throwing exceptions for
valid HTTP responses.

This commit better handles HTTP responses, using a response wrapper that
can tell if a response:

* has no message body (HTTP status 1XX, 204, 304 or Content-Length:0)
* has an empty message body

This covers rfc7230 Section 3.3.3.

Issue: SPR-8016
2015-02-09 15:10:39 +01:00
Brian Clozel
4550b4a254 Avoid loss of body content in AbstractRequestLoggingFilter
Prior to this commit, the `ContentCachingRequestWrapper` class would
cache the response content only if the reponse would be consumed using
its InputStream. In case of a Form request, Spring MVC consumes the
response using the `getParameter*` Servlet API methods. This causes the
cached content to never be written.

This commit makes the `ContentCachingResponseWrapper` write the request
body to the cache buffer by using the `getParameter*` API, thus avoiding
those issues.

Issue: SPR-7913
2015-02-09 15:08:35 +01:00
Stephane Nicoll
7ffa845aa8 Fix broken build
Add required  `@Deprecated` annotation.
2015-02-09 10:19:41 +01:00
Rossen Stoyanchev
49c21a0a06 Update javadoc for MultipartFile.transferTo
Issue: SPR-12650
2015-02-02 17:30:34 -05:00
Rossen Stoyanchev
d9d8a79c30 Update Netty4ClientHttpRequestFactory buffer size
This change deprecates the maxRequestSize property and adds
maxResponseSize instead. The latter is required to create Netty's
HttpObjectAggregator and aggregates responses.

The maxRequestSize property is already removed in the master branch
and will not be available starting with 4.2.

Issue: SPR-12623
2015-02-02 16:15:42 -05:00
Juergen Hoeller
bfba988a0d AbstractRequestLoggingFilter allows for dedicated shouldLog check in CommonsRequestLoggingFilter
Issue: SPR-12609
(cherry picked from commit d4dac25)
2015-01-21 12:34:05 +01:00
Juergen Hoeller
8c700b19da Polishing 2014-12-30 21:04:28 +01:00
Juergen Hoeller
dcb821edb5 Polishing
(cherry picked from commit 730bd02)
2014-12-30 15:07:19 +01:00
Juergen Hoeller
86b8112c90 Polishing 2014-12-29 15:13:40 +01:00
Stephane Nicoll
71783c5d86 Allow default settings of a custom HttpClient to apply
Previously the default settings of a custom HttpClient were always
ignored since a RequestConfig instance was always set no matter if
some customizations were applied or not.

This commit keeps an internal RequestConfig object instance that is
only initialized if the user applies a customization. If he does not, the
default settings of the HttpClient are used as it should.

Note that if the HttpComponents API exposed the default RequestConfig
of a given HttpClient, we would be able to merge our customizations with
the one specified by the client. Unfortunately, such API does not exist
and the "defaultSettingsOfHttpClientLostOnExecutorCustomization" test
illustrates that limitation.

Issue: SPR-12540
2014-12-29 09:36:54 +01:00
Rossen Stoyanchev
ea05e0b1ad Improve @SessionAttributes support during redirect
Before this change attributes listed with @SessionAttributes would not
be saved in the session when there was a redirect and the controller
method declared a parameter of type RedirectAttributes.

This change ensures it's the "default" model that is always the one
checked for @SessionAttributes under all circumstances since
RedirectAttributes is really only meant to provide String values to
insert into or append to the the redirect URL.

Issue: SPR-12542
2014-12-23 14:24:44 -05:00
Rossen Stoyanchev
ea2943feca Polish ModelAndViewContainer and update tests 2014-12-23 14:24:43 -05:00
Juergen Hoeller
c114c08922 Preparations for Jackson 2.5
Issue: SPR-12565
2014-12-22 18:46:57 +01:00
Stephane Nicoll
aafdcecf53 Customize connection request timeout
Prior to this commit it was not possible to easily customize the
connection request timeout used by the HttpClient. Both
`HttpComponentsClientHttpRequestFactory` and
`HttpComponentsClientHttpRequestFactoryTests` have been updated to
support a `connectionRequestTimeout` property.

Issue: SPR-12166
2014-12-22 16:31:07 +01:00
Stephane Nicoll
24b82746b5 Polish upgrade to HttpComponents 4.3
Polish fbe605123 to make explicit the fact that a null RequestConfig
can be used to force the defaults of the current HttpClient.

Issue: SPR-11113
2014-12-22 14:31:24 +01:00
Stephane Nicoll
fbe6051233 Upgrade HttpComponentsHIRE to HttpComponents 4.3
Previously, HttpComponentsHttpInvokerRequestExecutor was not compatible
with the new API of HttpComponents 4.3. Specifically, it is not possible
to update the socket and read timeouts on the HttpClient itself anymore.

We actually already updated HttpComponentsClientHttpRequestFactory for a
similar problem in SPR-11442: if we detect an older HttpClient
implementation, we update the timeout directly on the client. If that's
not the case, we keep the value in the factory itself and use it when a
new HttpRequest needs to be created.

This commit also uses the new API to create a default HttpClient and
therefore requires HttpComponents 4.3. As mentioned above, it is still
possible to use deprecated HttpClient instances against this executor.

Issue: SPR-11113
2014-12-22 11:02:32 +01:00