Commit Graph

674 Commits

Author SHA1 Message Date
Juergen Hoeller
5bfa82db12 Javadoc fixes
(cherry picked from commit 9bb72e8)
2015-11-27 13:51:51 +01:00
Juergen Hoeller
71fc2ba174 Polishing 2015-11-14 23:32:36 +01:00
Juergen Hoeller
48838d48d2 Fixed various code examples in documentation
Issue: SPR-13666
Issue: SPR-13485
Issue: SPR-10474
2015-11-14 23:32:07 +01:00
Juergen Hoeller
df49b11758 CommonsMultipartFile removes mixed separator paths from original filename
Issue: SPR-13662
(cherry picked from commit 5d9d88c)
2015-11-14 23:16:13 +01:00
Rossen Stoyanchev
f5f57e9544 Expand range of whitelisted extensions by media type
This commit expands the range of whitelisted extensions by checking
if an extension can be resolved to image/*, audio/*, video/*, as well
as any content type that ends with +xml.

Issue: SPR-13643
2015-11-11 17:46:36 -05:00
Rossen Stoyanchev
cde4431c80 Add containsKey to ServletResponseHttpHeaders
Issue: SPR-13668
2015-11-11 14:28:34 -05:00
Rossen Stoyanchev
71a9eb7102 Add section on RFD + whitelist yml/properties/csv
Issue: SPR-13643
2015-11-05 19:42:30 -05:00
Rossen Stoyanchev
a95c3d820d Protect against RFD exploits
Issue: SPR-13548
2015-10-15 10:32:51 +02:00
Juergen Hoeller
5d36ac08ef Added missing @since tags to DeferredResult 2015-10-14 14:48:48 +02:00
Juergen Hoeller
799a03e98d Polishing 2015-10-13 16:44:51 +02:00
Juergen Hoeller
13283ec918 Polishing 2015-10-12 23:24:36 +02:00
Juergen Hoeller
ca60d796a8 Clarified that getBody() never returns null
As the only place that historically differed, HttpComponents(Async)ClientHttpResponse returns an empty stream instead of null now.

Issue: SPR-13563
(cherry picked from commit a5f81a0)
2015-10-12 23:24:29 +02:00
Juergen Hoeller
7202793db0 Polishing
(cherry picked from commit bc13cb2)
2015-09-10 14:45:34 +02:00
Juergen Hoeller
045016ebf9 DeferredResult accessors based on volatile fields for proper visibility
Issue: SPR-13451
(cherry picked from commit ae0d945)
2015-09-10 14:44:51 +02:00
Juergen Hoeller
38db9fa855 Polishing
(cherry picked from commit 667fc7e)
2015-09-08 14:48:05 +02:00
Juergen Hoeller
2dcf52797c Consistent and defensive Servlet 3.0 method calls across Spring's web abstraction
(in particular, also working in debug mode where method references may get resolved early, so ternary expressions are to be avoided)
2015-09-02 18:42:43 +02:00
Juergen Hoeller
de0f3aec53 Undo AsyncRestTemplate's catching of Throwable in 4.1.x
Issue: SPR-13413
Issue: SPR-12887
2015-09-02 18:36:55 +02:00
Juergen Hoeller
856561fa6e AsyncRestTemplate and FutureAdapter consistently throw ExecutionException
Issue: SPR-13413
(cherry picked from commit 2bb7164)
2015-09-02 17:23:32 +02:00
Juergen Hoeller
a35f71964a Polishing 2015-08-26 00:44:32 +02:00
Juergen Hoeller
7575271075 Polishing 2015-07-30 17:52:33 +02:00
Brian Clozel
2c32873309 Fix error message typo in ShallowEtagHeaderFilter
Issue: SPR-13194
2015-07-03 21:44:41 +02:00
Rossen Stoyanchev
c4e0f14ec4 Polish tests 2015-06-30 12:10:01 -04:00
Juergen Hoeller
38b8262e1e XML parsing tests pass on non-English locales now, plus a revised exception message and some minor polishing
Issue: SPR-13136
2015-06-30 16:02:17 +02:00
Rossen Stoyanchev
9c3580d04e Disable DTD when parsing untrusted XML input
Issue: SPR-13136
2015-06-30 08:58:03 -04:00
Juergen Hoeller
f1b42b7d8f ContentCachingResponseWrapper defensively applies content length in case of sendError/sendRedirect
Issue: SPR-13004
(cherry picked from commit 4facb2f)
2015-06-30 14:25:57 +02:00
Juergen Hoeller
d08c0669da Polishing 2015-06-16 01:42:51 +02:00
Juergen Hoeller
bccdefdf30 Polishing 2015-06-11 18:01:00 +02:00
Juergen Hoeller
6f7ad3b1c0 WebAsyncUtils avoids reflection for creating StandardServletAsyncWebRequest
Issue: SPR-13112
(cherry picked from commit 32b9ea9)
2015-06-11 17:59:30 +02:00
Juergen Hoeller
bf38b3a4fc Polishing
(cherry picked from commit 92bf32b)
2015-05-23 20:37:21 +02:00
Juergen Hoeller
6cdc208c73 Polishing 2015-05-23 00:09:58 +02:00
Juergen Hoeller
3c6f1f8352 Polishing 2015-05-22 17:24:40 +02:00
Juergen Hoeller
a8f75399f8 Javadoc fixes 2015-05-11 19:04:29 +02:00
Juergen Hoeller
ce4e795f09 Polishing 2015-05-11 18:05:09 +02:00
Juergen Hoeller
fb7476f543 InvocableHandlerMethod logs argument resolution exceptions at debug level
Issue: SPR-12925
(cherry picked from commit 10a51a4)
2015-05-11 15:34:57 +02:00
Juergen Hoeller
8f6ac19f50 HttpEntity and its subclasses insist on same target type for equality
Issue: SPR-12910
(cherry picked from commit af272c2)
2015-05-11 15:29:23 +02:00
Rossen Stoyanchev
b44044e36f Allow "ws" and "wss" for isValidCorsOrigin checks
Issue: SPR-12956
2015-05-04 11:02:55 -04:00
Arjen Poutsma
e799554ab8 Netty4ClientHttpRequest ignores query params
Before this commit, Netty4ClientHttpRequest ignored query parameters
(?foo=bar). This commit fixes that.

Issue: SPR-12779
(cherry picked from commit caee78a)
2015-04-01 17:11:50 +02:00
Juergen Hoeller
35bf96763d Polishing 2015-03-31 18:42:28 +02:00
Juergen Hoeller
52ed9b7106 Consistent javadoc param declarations for type variables
(cherry picked from commit d23893f)
2015-03-25 01:02:40 +01:00
Juergen Hoeller
673dac5620 Removed outdated references to Servlet 2.3/2.4 2015-03-24 21:21:18 +01:00
Juergen Hoeller
8d14e7736a Polishing
(cherry picked from commit 162ee36)
2015-03-21 00:35:08 +01:00
Juergen Hoeller
5f95ff6bfd Optimized access to resolved bean type (avoiding BeanFactory locks)
Revised HandlerMethod.getBeanType() impl for both web and messaging.
In addition, HandlerMethods get created with the internal BeanFactory now.

Issue: SPR-12832
(cherry picked from commit 898c24f)
2015-03-20 23:58:22 +01:00
Juergen Hoeller
ce84fafde4 ContentCachingRequestWrapper converts IOException to IllegalStateException
Issue: SPR-12810
2015-03-13 20:19:31 +01:00
Juergen Hoeller
b352dbfdeb Polishing (in particular updating javadoc references to Apache Commons)
(cherry picked from commit bc6a98c)
2015-03-13 20:13:21 +01:00
Rossen Stoyanchev
f42c53d9be Support comma-separated X-Forwarded-Proto
Issue: SPR-12816
2015-03-13 13:05:11 -04:00
Brian Clozel
151e96cac4 Fix InputStream caching in ContentCachingReqWrapper
Prior to this commit, the ContentCachingRequestWrapper would immediately
consume the wrapped request's InputStream when asked for the cached
content; that caused several issues:

* the request body was read in memory even if it wasn't yet consumed by
the application, leading to inefficiencies.
* when requesting the InputStream, an empty InputStream was returned
since the original was already read.

This case only happened for form POSTs requests.

This commit makes sure that the wrapper does not alter the request
expected behavior:

* when getting the inputstream, it is wrapped in order to cache its
content
* when getting request parameters, the request body is cached and its
inputstream is consumed, as expected

Issue: SPR-12810
2015-03-13 16:11:17 +01:00
Rossen Stoyanchev
a522fa36af Support comma-separated X-Forwarded-Port
Issue: SPR-12813
2015-03-13 10:02:14 -04:00
Rossen Stoyanchev
5c463a1680 Move X-Forwarded-* tests to UriComponentsBuilderTests 2015-03-13 10:02:00 -04:00
Juergen Hoeller
cb6459c271 ResponseEntity's headers(HttpHeaders) accepts null value
Issue: SPR-12792
(cherry picked from commit 73e8021)
2015-03-10 15:19:06 +01:00
Juergen Hoeller
6b9e89118f StandardMultipartFile declares itself as Serializable now
Issue: SPR-12795
(cherry picked from commit 5ba7b89)
2015-03-10 15:18:43 +01:00