Commit Graph

771 Commits

Author SHA1 Message Date
Juergen Hoeller
88e4006790 CookieLocaleResolver is RFC6265 and language tag compliant by default
Like CookieLocaleResolver, LocaleChangeInterceptor parses both locale formats by default now. Since it does not need to render the locale, its languageTagCompliant property is not relevant anymore at all.

The parseLocale method in StringUtils validates the locale value now and turns an empty locale into null, compatible with parseLocaleString behavior and in particular aligned with web locale parsing needs.

Issue: SPR-16700
Issue: SPR-16651
2018-07-17 17:57:59 +02:00
Juergen Hoeller
955665b419 Consistent processing of binding/validation failures for data classes
Includes an extension of SmartValidator for candidate value validation, as well as nullability refinements in Validator and BindingResult.

Issue: SPR-16840
Issue: SPR-16841
Issue: SPR-16854
2018-07-17 17:01:34 +02:00
Juergen Hoeller
b915e42c38 Resolve target type for GenericHttpMessageConverter.canWrite/write
Issue: SPR-16877
2018-07-16 19:45:35 +02:00
Juergen Hoeller
680afa75d8 ListableBeanFactory.getBeansOfType does not include null bean entries
Issue: SPR-17034
2018-07-14 01:02:39 +02:00
Rossen Stoyanchev
7b3a72f483 Warn when SimpleAsyncTaskExecutor is used
Issue: SPR-16203
2018-07-11 11:10:03 -04:00
Rossen Stoyanchev
a40d25a760 Remove no-op classes in web-related Java config 2018-07-11 11:10:03 -04:00
Brian Clozel
818e4b0776 Refine Content-Range support for Resources
This commit restricts the support of `"Content-Range"` when returning
`Resource` instances from Controllers - now only "HTTP 200 OK" responses
will be considered, as Controllers might want to handle content range
themselves.

Issue: SPR-16921
2018-07-10 12:11:23 +02:00
Juergen Hoeller
40efcc933c Polishing 2018-06-28 14:51:33 +02:00
Phillip Webb
a89e716cc7 Use tabs rather than spaces in tests
Update tests to ensure that tabs are used instead of spaces. Also
consistently apply a new line at the end of each file.

Issue: SPR-16968
2018-06-28 10:28:44 +02:00
Phillip Webb
1c25cec44f Polish test code
Polish a few issue identified when adding checkstyle to the
build. Although checkstyle is not enforcing rules on tests,
these are a few minor changes that are still worth making.

Issue: SPR-16968
2018-06-28 10:28:44 +02:00
Rossen Stoyanchev
28a5c3009e Improve DEBUG/TRACE logging for Spring MVC
Issue: SPR-16898
2018-06-18 18:33:11 -04:00
Rossen Stoyanchev
58cce615f5 MvcUriComponentsBuilder is aware of path prefixes
Issue: SPR-16336
2018-06-14 22:11:53 -04:00
Sebastien Deleuze
ac37b678a3 Remove JSONP support
CORS is now widely supported and should be used instead for cross-domain
requests.

Issue: SPR-16914
2018-06-08 12:15:48 +02:00
Rossen Stoyanchev
19dc981685 Path prefixes for groups of controllers
Issue: SPR-16336
2018-06-07 18:18:42 -04:00
Rossen Stoyanchev
3acb96efd0 CachingResourceResolver varies by known codings only
Issue: SPR-16381
2018-06-04 23:30:35 -04:00
Juergen Hoeller
f3e860e8f1 Resource handler tests expect status 404 for directory in jar file
Issue: SPR-16832
2018-05-30 00:31:35 +02:00
Juergen Hoeller
8593fec22c Avoid ConstantConditions warnings suppression (plus related polishing)
Issue: SPR-15756
2018-05-29 21:47:10 +02:00
Rossen Stoyanchev
85e8634810 Properly initialize URI/Matrix vars w/ urlDecode=false
Issue: SPR-16867
2018-05-24 15:08:39 -04:00
Rossen Stoyanchev
b472d192f4 Improve support for caching encoded resources
The key in CachingResourceResolver now includes the "Accept-Encoding"
request header cleaned to exclude "*", "identity", and parameters, and
also sorted alphabetically.

For encoded resources the response now includes a response header with
"Vary: Accept-Encoding".

Issue: SPR-16381
2018-05-23 09:17:21 -04:00
Rossen Stoyanchev
9274de390a Polish resource handling tests 2018-05-23 09:17:21 -04:00
Rossen Stoyanchev
5207672b3f Configurable support for static resource encodings
The new EncodedResourceResolver is a generalized version of
GzipResourceResolver that can be configured to support different
content codings, by "br" and "gzip".

GzipResourceResolver is now deprecated.

Issue: SPR-16381
2018-05-23 09:17:21 -04:00
Rossen Stoyanchev
395792b302 Produces media types cleared prior to error handling
Issue: SPR-16318
2018-05-14 23:16:36 -04:00
Rossen Stoyanchev
6cf6d8834c List OPTIONS in OPTIONS responses for @RequestMapping
Issue: SPR-16513
2018-05-14 09:05:03 -04:00
Rossen Stoyanchev
4da43de7e1 Remove individual detection of forwarded headers
This commit removes all places where forwarded headers are checked
implicitly, on an ad-hoc basis.

ForwardedHeaderFilter is expected to be used instead providing
centralized control over using or discarding such headers.

Issue: SPR-16668
2018-05-11 09:31:39 -04:00
Rossen Stoyanchev
1aadf2c3a6 Refine compareTo for param and header conditions
Issue: SPR-16674
2018-05-08 18:12:51 -04:00
Juergen Hoeller
c9f488363d Fine-tuned assertions and related polishing 2018-05-05 14:39:43 +02:00
Juergen Hoeller
7b894fe73b ResponseEntityExceptionHandler rethrows unknown exception (for further processing in DispatcherServlet's HandlerExceptionResolver chain)
Issue: SPR-16743
2018-05-05 12:46:58 +02:00
Johnny Lim
fb898e1727 Remove inconsistent spaces 2018-05-05 11:07:35 +02:00
Rossen Stoyanchev
de18d96413 Validate contextPath in RedirectView
Issue: SPR-16752
2018-04-23 15:26:18 -04:00
Brian Clozel
e9a8a5065b Disable HTTP Range support for InputStreamResource
Prior to this commit, the `AbstractMessageConverterMethodProcessor`
would fail to convert `InputStreamResource` to `ResourceRegion` as
expected, since the content length cannot be read without consuming the
stream. This is enforced by the `HttpRange` class.

Now the method processor would still try to output HTTP range response
headers to provide range support information. This step is using the
resource content length and reads the input stream, leading to
exceptions such as "IllegalStateException: InputStream has already been
read".

This commit improves the return type detection and excludes early
`InputStreamResource` return types. With those types, HTTP range support
is now completely disabled.

Issue: SPR-16754
2018-04-23 18:39:05 +02:00
sdeleuze
1d6540b1c2 Enable KotlinScriptTemplateTests after KT-18833 fix 2018-04-23 14:49:22 +02:00
Juergen Hoeller
7ee6130680 Revised reference example for linkable controller method signature
Issue: SPR-16710
2018-04-12 14:45:11 +02:00
Juergen Hoeller
f28a5d0cf7 Proper exception for controller method return types that do not work with MvcUriComponentsBuilder (e.g. final classes)
Includes direct use of ControllerMethodInvocationInterceptor for return type Object, avoiding the attempt to generate an Object subclass.

Issue: SPR-16710
2018-04-11 16:05:54 +02:00
Sam Brannen
aba882af4c Clean up warnings in spring-webmvc 2018-04-04 14:04:54 +02:00
Rossen Stoyanchev
240d6f52c9 Replaces rather than prepend contextPath
Issue: SPR-16650
2018-03-29 18:17:29 -04:00
Juergen Hoeller
b165475eb6 Polishing 2018-03-29 16:05:52 +02:00
Rossen Stoyanchev
f3994467c4 Refine ContentNegotiationStrategy contract
Consistently return "*/*" if no media types were requested rather than
an empty list. Existing code has to check for both in any case to see
if nothing was requested.

Issue: SPR-16624
2018-03-27 16:54:19 -04:00
Rossen Stoyanchev
0e28bee0f1 Clean duplicate separators in resource URLs
Most Servlet containers do this anyway, but not all, and not
consistently for forward and backslashes.

Issue: SPR-16616
2018-03-19 17:16:03 -04:00
Juergen Hoeller
f8588e364a AcceptHeaderLocaleResolver keeps language match among supported locales
Issue: SPR-16599
2018-03-16 14:17:50 +01:00
Brian Clozel
ed7684d2b2 Don't implicitly check preconditions on PUT requests
Prior to this commit, the `HttpEntityMethodProcessor` would check HTTP
conditions on non-safe requests (i.e. not GET/HEAD). This would prevent
Controllers from returning `ResponseEntity` containing response headers
with updated values of `"Last-Modified"` or `ETag` once the resource has
been updated.

This commit avoids those checks for non GET/HEAD requests - this code
can still be leveraged from Controllers themselves using
`ServletWebRequest::checkNotModified` methods.

Issue: SPR-15780
2018-03-08 19:43:01 +01:00
Brian Clozel
6d26e61ac7 Guard against invalid paths in ResourceUrlProvider
This commit makes sure that no `StringIndexOutOfBoundsException` is
thrown when `getForRequestUrl` is called with a URL that's shorter than
the expected context path.

Issue: SPR-16526
2018-03-05 15:26:56 +01:00
Juergen Hoeller
0de36d2883 Consistent HttpMethod identity comparisons 2018-02-18 22:01:22 +01:00
Juergen Hoeller
3b810f3544 Consistent Class array vs vararg declarations (and related polishing) 2018-02-14 14:44:00 +01:00
Juergen Hoeller
46cbdff5c3 Consistent ControllerAdvice applicability against user-declared class
Issue: SPR-16496
2018-02-14 14:41:16 +01:00
igor-suhorukov
0ee505b73e Polish: assertion arguments should be passed in the correct order,
use assertNull instead of assertEquals(null, value),
declare delta as double value in assertEquals
2018-02-10 17:17:28 +01:00
Juergen Hoeller
4dc964544f AcceptHeaderLocaleResolver falls back to language-only match among its supported locales
Issue: SPR-16457
2018-02-02 12:41:59 +01:00
Juergen Hoeller
4a1cc9ced7 Constructor-provided field values get recorded for failed binding result
Also, TypeMismatchExceptions get registered via BindingErrorProcessor.

Issue: SPR-16449
2018-02-02 11:33:56 +01:00
Juergen Hoeller
121f9e3734 BridgeMethodResolver properly resolves all declared interfaces
Issue: SPR-16288
2018-01-11 10:18:27 +01:00
Rossen Stoyanchev
ea73ec5c41 ResourceUrlProvider handles sanitizes double slashes
Issue: SPR-16296
2018-01-10 17:48:43 -05:00
sdeleuze
652e5c5584 Disable CORS credentials by default
Access-Control-Allow-Credentials CORS header, used to
allow cookies with CORS requests, is not set to true
anymore by default when enabling CORS with
@CrossOrigin or global CORS configuration in order to
provide a more secured default CORS configuration.

The related allowCredentials property now requires to
be set to true explicitly in order to support cookies
with CORS requests.

Issue: SPR-16130
2017-11-22 22:46:44 +01:00