Commit Graph

727 Commits

Author SHA1 Message Date
Brian Clozel
88405be8a5 Quote ETags set with ResponseEntity builder API
Prior to this change, trying to set an unquoted ETag with
`ResponseEntity`'s API would throw an `IllegalArgumentException`.

This commit automatically quotes ETag values set using ResponseEntity.

Issue: SPR-13378
2015-08-24 09:54:08 +02:00
Juergen Hoeller
c685fd7c23 Polishing 2015-08-21 17:03:53 +02:00
Juergen Hoeller
6d1b8b5a31 SpringWebConstraintValidatorFactory for use with validation.xml
Issue: SPR-13327
2015-08-21 17:02:55 +02:00
Rossen Stoyanchev
473dd5e9e8 Unwrap if necessary for MultipartHttpServletRequest
Before this commit RequestPartServletServerHttpRequest simply did an
instanceof check for MultipartHttpServletRequest. That hasn't failed
because request wrapping typically happens in filters before the
DispatcherServlet calls the MultipartResolver.

With Spring MVC Test and the Spring Security integraiton however,
this order is reversed since there we prepare the multipart request
upfront, i.e. there is no actual parsing.

The commit unwraps the request if necessary.

Issue: SPR-13317
2015-08-21 10:28:08 -04:00
Craig Andrews
cccf5f65f5 Register jackson-datatype-jdk7 module when using Java 7
Issue: SPR-13354
2015-08-18 14:20:08 +02:00
Sebastien Deleuze
d53f0b995a Polish GenericHttpMessageConverter
Issue: SPR-13318
2015-08-17 17:57:13 +02:00
Sebastien Deleuze
4338719d98 Serialize with type only collections in Jackson HttpMessageConverter
Issue: SPR-13318
2015-08-17 17:17:51 +02:00
Rossen Stoyanchev
257cc63141 Restore order in AllEncompassingFormHttpMessageConverter
Issue: SPR-13309
2015-08-13 07:45:25 -04:00
Juergen Hoeller
9ef38807e6 Polishing 2015-07-30 19:34:33 +02:00
Rossen Stoyanchev
27cd87926a StandardServletAsyncWebRequest handling for onError
This change ensures that an onError outcome from an async request is
also routed to onCompletion handlers registered with
StandardServletAsyncWebRequest.

Issue: SPR-13292
2015-07-30 10:59:04 -04:00
Brian Clozel
80767ff6e9 Use sendError in ResponseStatusExceptionResolver
Prior to this commit, the `ResponseStatusExceptionResolver` would use:
* `HttpServletResponse.sendError` if both a status and a reason are set
on the `@ResponseStatus` annotation
* `HttpServletResponse.setStatus` if only a status is set on the
`@ResponseStatus` annotation

This is actually a change of behavior, since this Resolver was using
`sendError` in all cases previously.

Because this change can create issues such as
https://github.com/spring-projects/spring-boot/issues/3623
this commit rollbacks those changes and clarifies the behavior on the
javadoc of the annotation itself.

Issue: SPR-11193, SPR-13226
2015-07-30 16:10:01 +02:00
Juergen Hoeller
e8ef3654c6 Polishing 2015-07-30 12:16:59 +02:00
Juergen Hoeller
04348901f8 Unified createRequestConfig(Object) method, avoiding getInternalRequestConfig()
Issue: SPR-13125
2015-07-30 12:15:37 +02:00
Sam Brannen
725292081e Introduce 'value' alias for 'attribute' in @AliasFor
SPR-11512 introduced support for annotation attribute aliases via
@AliasFor, requiring the explicit declaration of the 'attribute'
attribute. However, for aliases within an annotation, this explicit
declaration is unnecessary.

This commit improves the readability of alias pairs declared within an
annotation by introducing a 'value' attribute in @AliasFor that is an
alias for the existing 'attribute' attribute. This allows annotations
such as @ContextConfiguration from the spring-test module to declare
aliases as follows.

public @interface ContextConfiguration {

     @AliasFor("locations")
     String[] value() default {};

     @AliasFor("value")
     String[] locations() default {};

    // ...
}

Issue: SPR-13289
2015-07-29 15:27:06 +02:00
Juergen Hoeller
e1a0c50046 Revised UriComponentsBuilder assertions
Issue: SPR-13257
2015-07-29 12:39:41 +02:00
Juergen Hoeller
d83735694e Polishing 2015-07-28 12:15:48 +02:00
Juergen Hoeller
efd7f9bf72 Polishing 2015-07-24 18:24:19 +02:00
Juergen Hoeller
f06581f5b8 Polishing 2015-07-22 14:20:12 +02:00
Juergen Hoeller
8196af4bc5 UriComponentsBuilder.fromUriString accepts empty URIs
Issue: SPR-13257
2015-07-22 14:17:16 +02:00
Brian Clozel
27bd8d0374 Polish documentation on HTTP date formats 2015-07-22 11:40:05 +02:00
Juergen Hoeller
edd6e76b9f Polishing 2015-07-21 22:58:34 +02:00
Juergen Hoeller
1a636b1023 Polishing 2015-07-21 20:33:13 +02:00
Brian Clozel
dba46c1358 Partial revert of SPR-13090
Use ServletHttpResponse.setDateHeader whenever possible and avoid using
SimpleDateFormat.
2015-07-20 22:48:20 +02:00
Sebastien Deleuze
57d55ddd56 Polish CorsFilter Javadoc 2015-07-20 11:14:37 +02:00
Sebastien Deleuze
70a03ee2a4 Rename CorsConfigurationMapping to UrlBasedCorsConfigurationSource
Issue: SPR-13192
2015-07-20 10:47:24 +02:00
Juergen Hoeller
203f1225c3 Polishing 2015-07-17 15:25:43 +02:00
Juergen Hoeller
9de824b73d AllEncompassingFormHttpMessageConverter registers MappingJackson2XmlHttpMessageConverter and GsonHttpMessageConverter (for consistency with RestTemplate and WebMvcConfigurationSupport)
Issue: SPR-13240
2015-07-17 15:24:12 +02:00
Juergen Hoeller
2934256257 Polishing 2015-07-15 00:08:11 +02:00
Stephane Nicoll
de6bbe7797 Handle null header value property
When using an Apache Http components based infrastructure, a null header
value is handled as the empty string. The exact same infrastructure using
HttpURLConnection generates a header with no colon. This is actually not
proper HTTP and some components fail to read such request.

We now make sure to call HttpURLConnection#addRequestProperty with the
empty String for a null header value.

Issue: SPR-13225
2015-07-14 10:34:28 +02:00
Juergen Hoeller
1fcd465f2d DelegatingFilterProxy autodetects a unique DispatcherServlet context
Issue: SPR-13191
2015-07-13 21:34:07 +02:00
Juergen Hoeller
8fdbf4285b Jackson2ObjectMapperBuilder prefers Jackson 2.6 JavaTimeModule over JSR310Module
Issue: SPR-13212
2015-07-13 17:41:57 +02:00
Sebastien Deleuze
84138abfd1 Avoid rejecting same-origin requests detected as CORS requests
Browsers like Chrome or Safari include an Origin header for same-origin
POST/PUT/DELETE requests, not only for cross-origin requests.

Before this commit, these same-origin requests would have been detected
as potential cross-origin requests, and rejected if the same-origin domain
is not part of the configured allowedOrigins.

This commit avoid to reject same-origin requests by reusing the logic
introduced in Spring 4.1 for detecting reliably Websocket/SockJS
same-origin requests with the WebUtils.isValidOrigin() method. This
logic has been extracted in a new WebUtils.isSameOrigin() method.

Issue: SPR-13206
2015-07-13 10:59:19 +02:00
Sebastien Deleuze
882fe129f3 Polish CORS support 2015-07-10 16:42:50 +02:00
Sebastien Deleuze
cd9b3903a7 Introduce CorsFilter and CorsConfigurationMapping
This commit introduces the following changes:
 - The new CorsConfigurationMapping class allows to share the mapped
   CorsConfiguration logic between AbstractHandlerMapping and CorsFilter
 - In AbstractHandlerMapping, the Map<String, CorsConfiguration>
   corsConfiguration property has been renamed to corsConfigurations
 - CorsFilter allows to process CORS requests at filter level, using any
   CorsConfigurationSource implementation (for example
   CorsConfigurationMapping)

Issue: SPR-13192
2015-07-09 22:19:46 +02:00
Sebastien Deleuze
dd16f64998 Polish @CrossOrigin javadoc 2015-07-07 10:01:22 +02:00
Sebastien Deleuze
8ee0e78980 Add Access-Control-Request-Method check for CORS preflight requests
Issue: SPR-13193
2015-07-07 09:34:39 +02:00
Rossen Stoyanchev
0d1b7fd14f Fix RequestPartServletServerHttpRequest encoding issue
When using Appache Commons FileUpload, multi parts with binary data
(i.e. that are not actual files) are saved and then accessed as
String request parameters.

Before this change however the RequestPartServletServerHttpRequest
used a fixed encoding (UTF-8) while the parsing code in
CommonsFileUploadSupport/Resolver used the encoding from the
content-type header, or the request, or the FileUpload component.

This change does a best effort to determine the encoding of the
request parameter using a similar algorithm as the parsing side
that should work the same unless the encoding comes from the
FileUpload component which is not accessible.

Issue: SPR-13096
2015-07-07 00:47:06 -04:00
Sam Brannen
0f7fc12569 Clean up warnings in spring-web 2015-07-06 18:30:20 +02:00
Juergen Hoeller
23124d106b CommonsMultipartResolver allows for specifying max upload size per file
Issue: SPR-13200
2015-07-06 14:01:51 +02:00
Juergen Hoeller
f0c6bff82a MultipartFile interface extends InputStreamSource
Issue: SPR-11861
2015-07-06 13:53:35 +02:00
Brian Clozel
85a80e2a94 Fix error message typo in ShallowEtagHeaderFilter
Issue: SPR-13194
2015-07-03 21:40:48 +02:00
Juergen Hoeller
265cd2ad1e Javadoc fine-tuning for 4.2 2015-06-30 18:02:42 +02:00
Juergen Hoeller
0411435bac XML parsing tests pass on non-English locales now, plus a revised exception message and some minor polishing
Issue: SPR-13136
(cherry picked from commit 38b8262e1e)
2015-06-30 17:16:45 +02:00
Rossen Stoyanchev
d79ec68db4 Disable DTD when parsing untrusted XML input
Issue: SPR-13136
2015-06-30 07:50:21 -04:00
Juergen Hoeller
4facb2fc22 ContentCachingResponseWrapper defensively applies content length in case of sendError/sendRedirect
Issue: SPR-13004
2015-06-30 12:45:43 +02:00
Juergen Hoeller
dc1f921f5c Split between basic MethodParameter and SynthesizingMethodParameter
This split avoids a package tangle (between core and core.annotation) and also allows for selective use of raw annotation exposure versus synthesized annotations, with the latter primarily applicable to web and message handler processing at this point.

Issue: SPR-13153
2015-06-30 00:02:02 +02:00
Brian Clozel
39d689da0c Fix conditional requests support for HttpEntity
Prior to this commit, `HttpEntityMethodProcessor` would rely on
`ServletWebRequest` to process conditional requests and with incoming
`"If-Modified-Since"` / `"If-None-Match"` request headers.

This approach is problematic since in that class:

* response is wrapped in a `ServletServerHttpResponse`
* this wrapped response does not write response headers right away
* `ServletWebRequest.checkNotModified` methods can't apply their
logic with incomplete response headers

This solution adds some minimal code duplication and applies
the conditional request logic within the Processor.

A possible alternative would be to improve the
`ServletServerHttpResponse$ServletResponseHttpHeaders` implementation
with write methods - but this solution would only work for Servlet 3.x
applications.

Issue: SPR-13090
2015-06-29 16:47:27 +02:00
Juergen Hoeller
a5349eb2f8 Base64Utils falls back to JAXB DatatypeConverter for String-based encoding
Issue: SPR-12938
2015-06-26 22:06:13 +02:00
Sam Brannen
8416752645 Polish Javadoc for MVC parameter binding annotations 2015-06-26 16:14:06 +02:00
Sebastien Deleuze
89cc8e0401 Restore compatibility with Jackson 2.1
Issue: SPR-12501
2015-06-26 02:18:29 +02:00