Commit Graph

1074 Commits

Author SHA1 Message Date
Rossen Stoyanchev
900bc8a2e3 Logging improvements for WebFlux
Issue: SPR-16898
2018-06-22 22:44:24 -04:00
Rossen Stoyanchev
28a5c3009e Improve DEBUG/TRACE logging for Spring MVC
Issue: SPR-16898
2018-06-18 18:33:11 -04:00
Rossen Stoyanchev
ebdcc015a4 Correctly set maxAge and expires in ResponseCookie
Issue: SPR-16940
2018-06-14 13:07:17 -04:00
Brian Clozel
09d9450154 Add SameSite support in WebFlux SESSION cookies
This commit adds support for the "SameSite" attribute in response
cookies. As explained in rfc6265bis, this attribute can be used to limit
the scope of a cookie so that it can't be attached to a request unless
it is sent from the "same-site".

This feature is currently supported by Google Chrome and Firefox, other
browsers will ignore this attribute.

This feature can help prevent CSRF attacks; this is why this commit adds
this attribute by default for SESSION Cookies in WebFlux.

See: https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis

Issue: SPR-16418
2018-06-14 11:39:03 +02:00
Juergen Hoeller
3fc8ec498c MockHttpServletRequest returns a single InputStream or Reader
Issue: SPR-16505
Issue: SPR-16499
2018-06-13 22:03:16 +02:00
Brian Clozel
05ff8b722d Fix ResourceRegion HttpMessageConverter write checks
This commit fixes the write checks for
`ResourceRegionHttpMessageConverter`, which was previously not checking
properly the parameterized type (e.g. in case of a `List<Something>`).

Issue: SPR-16932
2018-06-11 22:53:55 +02:00
Brian Clozel
a5cd01a4c8 Restrict HTTP methods on Reactive HiddenHttpMethodFilter
This commit restricts the allowed HTTP methods on HiddenHttpMethodFilter
(Reactive variant) to the following: PUT, DELETE, PATCH.

This filter is meant to be used to simulate those methods from HTML
forms sent by browsers, so no other methods are allowed.

Issue: SPR-16836
2018-06-11 18:53:23 +02:00
Brian Clozel
f64fa3dea1 Restrict HTTP methods on Servlet HiddenHttpMethodFilter
This commit restricts the allowed HTTP methods on HiddenHttpMethodFilter
(Servlet variant) to the following: PUT, DELETE, PATCH.

This filter is meant to be used to simulate those methods from HTML
forms sent by browsers, so no other methods are allowed.

Issue: SPR-16836
2018-06-11 18:53:23 +02:00
Rossen Stoyanchev
86c861516d Accept Predicate instead of HandlerTypePredicate
Issue: SPR-16336
2018-06-08 15:32:07 -04:00
Sebastien Deleuze
ac37b678a3 Remove JSONP support
CORS is now widely supported and should be used instead for cross-domain
requests.

Issue: SPR-16914
2018-06-08 12:15:48 +02:00
Rossen Stoyanchev
124d4c833c Support for Servlet request params with HTTP DELETE
This commit adds FormContentFilter, which is the same as the
HttpPutFormContentFilter but also supports DELETE.

The HttpPutFormContentFilter is now deprecated.

Issue: SPR-16874
2018-06-04 15:48:47 -04:00
Rossen Stoyanchev
a3216432b5 Polish
Issue: SPR-16387
2018-05-31 15:38:30 -04:00
Violeta Georgieva
ffbc75ae47 Upgrade to Reactor Netty 0.8
Issue: SPR-16387
2018-05-31 15:37:39 -04:00
Juergen Hoeller
8593fec22c Avoid ConstantConditions warnings suppression (plus related polishing)
Issue: SPR-15756
2018-05-29 21:47:10 +02:00
Rossen Stoyanchev
c7c3e5585b X-Forwarded-Ssl is listed in ForwardedHeaderFilter
Issue: SPR-16863
2018-05-25 13:39:37 -04:00
Rossen Stoyanchev
3eac2dd31e Support X-Forwarded-Ssl
Issue: SPR-16863
2018-05-24 16:14:12 -04:00
Rossen Stoyanchev
72022899de Polish Forwarded header support 2018-05-23 21:23:23 -04:00
Rossen Stoyanchev
9b496b1264 CodecConfigurer internal refactoring
Improve how HTTP message writers are obtained for general use vs for
multipart requests.
2018-05-21 21:10:44 -04:00
Rossen Stoyanchev
6e5273f08e Polish CodecConfigurer support classes
Functionally equivalent updates to package private classes to improve
the code and make it easier to understand.
2018-05-21 21:09:42 -04:00
Rossen Stoyanchev
fbd12e9d16 Support for SslInfo in ServerHttpRequest#mutate
Issue: SPR-16830
2018-05-17 17:27:52 -04:00
Eddú Meléndez
48c3fa9908 Add visibility support to Jackson2ObjectMapperBuilder
Issue: SPR-16411
2018-05-15 10:45:20 +02:00
Rossen Stoyanchev
7fd0cac6f2 Include FormHttpMessageReader in client codecs
Issue: SPR-16804
2018-05-14 23:16:36 -04:00
Rossen Stoyanchev
f7d60b7f58 Add getResource to MultipartFile
Issue: SPR-16808
2018-05-14 09:04:33 -04:00
Rossen Stoyanchev
ab6a6f4e17 Merge multipart and query param values
DefaultMultipartHttpServletRequest always returned mulitpart parameter
values only rather than aggregating with query parameters, which
contradicts with Servlet spec, section 3.1, and is inconsistent with
StandardMultipartHttpServletRequest.

Issue: SPR-16590
2018-05-14 09:03:55 -04:00
Rossen Stoyanchev
15182b29a4 Add MockWebSession for use with MockServerWebExchange
Issue: SPR-16772
2018-05-11 10:53:28 -04:00
Rossen Stoyanchev
4da43de7e1 Remove individual detection of forwarded headers
This commit removes all places where forwarded headers are checked
implicitly, on an ad-hoc basis.

ForwardedHeaderFilter is expected to be used instead providing
centralized control over using or discarding such headers.

Issue: SPR-16668
2018-05-11 09:31:39 -04:00
Rossen Stoyanchev
d3f3b41f52 MockHttpServletResponse writer sets committed flag
Issue: SPR-16683
2018-05-10 16:22:54 -04:00
Rossen Stoyanchev
eef592d901 Add builder to MockServerWebExchange
Issue: SPR-16772
2018-05-10 15:16:13 -04:00
Sebastien Deleuze
af0cb53742 Support decoding Mono in Jaxb2XmlDecoder
Issue: SPR-16759
2018-05-02 12:10:46 +02:00
Juergen Hoeller
21fad8e205 SimpleClientHttpResponse catches any Exception on close
Issue: SPR-16773
2018-05-01 23:51:05 +02:00
Rossen Stoyanchev
85ee36b385 Uncomment tests that now work 2018-04-30 19:47:14 -04:00
Juergen Hoeller
a683472daa Support for non-standard HTTP status in reactive ClientHttpResponse
Issue: SPR-16748
2018-04-27 18:25:11 +02:00
Rossen Stoyanchev
9bc4e70e93 Better assertion message in MockPart
Issue: SPR-16767
2018-04-25 09:59:06 -04:00
Brian Clozel
69e3fde295 Avoid duplicate Accept header values in RestTemplate
Prior to this commit, the various `HttpMessageConverter` instances
configured for a given `RestTemplate` instance could all contribute
`MediaType` values to the "Accept:" request header.

This could lead to duplicate media types in that request header,
cluttering for the HTTP request for no reason.

This commit ensures that only distinct values are added to the request.

Issue: SPR-16690
2018-04-12 22:28:31 +02:00
sdeleuze
89d069b09d Add default ctor to Reactive UrlBasedCorsConfigurationSource
Issue: SPR-16712
2018-04-11 14:38:42 +02:00
Rossen Stoyanchev
4454ffd2b1 Replace remaining use of block operator 2018-03-31 11:18:38 -04:00
Stephane Maldini
b8d32095a9 workaround multipart integration test using blocking receive inside netty thread 2018-03-30 15:43:11 -07:00
Juergen Hoeller
b165475eb6 Polishing 2018-03-29 16:05:52 +02:00
Rossen Stoyanchev
f9e6ea5482 MvcResult returns asyncResult after asyncDispatch
Issue: SPR-16648
2018-03-28 22:15:16 -04:00
Juergen Hoeller
d95bbb6b1b Test for hasError keeping body available in case of unknown status code
Issue: SPR-16604
2018-03-28 12:16:03 +02:00
Rossen Stoyanchev
5861e9685b Always specify charset for form data requests
Issue: SPR-16613
2018-03-27 19:56:09 -04:00
Rossen Stoyanchev
f3994467c4 Refine ContentNegotiationStrategy contract
Consistently return "*/*" if no media types were requested rather than
an empty list. Existing code has to check for both in any case to see
if nothing was requested.

Issue: SPR-16624
2018-03-27 16:54:19 -04:00
Juergen Hoeller
ba5ef6456f WebFluxResponseStatusExceptionHandler for @ResponseStatus introspection
The web.server package is quite low-level and should not depend on web.bind in order to avoid a dependency cycle. Extracting the introspection of the ResponseStatus annotation into a WebFlux-level subclass resolves the cycle.

Issue: SPR-16567
2018-03-21 16:12:32 +01:00
Rossen Stoyanchev
842c29103f MultipartBodyBuilder supports PublisherEntity as input
Issue: SPR-16601
2018-03-16 16:18:05 -04:00
Rossen Stoyanchev
313c6cef32 Polish 2018-03-16 16:18:05 -04:00
Juergen Hoeller
f8588e364a AcceptHeaderLocaleResolver keeps language match among supported locales
Issue: SPR-16599
2018-03-16 14:17:50 +01:00
Rossen Stoyanchev
7de2650a70 Drop @WebServlet annotation
Issue: SPR-16591
2018-03-16 00:14:54 -04:00
Rossen Stoyanchev
72bbb2619d Commit actions are (properly) deferred
Issue: SPR-16597
2018-03-15 23:17:57 -04:00
Juergen Hoeller
d4a8f76bf9 Consistent volatile access to running flag in Lifecycle implementations
Issue: SPR-16488
2018-03-15 15:17:55 +01:00
Rossen Stoyanchev
b8d94f8a20 Improve WebFlux support for response status exceptions
Support @ResponseStatus annotated exceptions.
Supported root cause exceptions with response status information.

Issue: SPR-16567
2018-03-14 20:07:00 -04:00