Commit Graph

421 Commits

Author SHA1 Message Date
mhartsock Melissa Hartsock
b077b4dddb Fix media type lookup case sensitivity
Fixed a bug where the URL content negotiation "format" parameter values
were case sensitive and only lowercase values were accepted. For
example, URL query parameter format=json returned the appropriate JSON
response but format=JSON resulted in a
HttpMediaTypeNotAcceptableException and returned:

406 - The resource identified by this request is only capable of
generating responses with characteristics not acceptable according to
the request "accept" headers.

When the MappingMediaTypeFileExtensionResolver is constructed, it is
passed a map containing the media type key to MediaType mappings
defined in the ContentNegotiationConfigurer. In the constructor of
MappingMediaTypeFileExtensionResolver, the keys are converted to
lowercase and the mappings of keys to MediaTypes are added to the
ConcurrentMap<String, MediaType> mediaTypes using the lowercase
version of the keys. However, when retrieving the MediaType from a key
in the lookupMediaType method, no conversion to lowercase is performed
so any value for the URL "format" parameter other than the lowercase
version will not return the proper MediaType result.

On May 1st, 2014, a change was made to
ParameterContentNegotiationStrategy to handle cases where the content
negotiation format URL parameter does not result in a match for a
MediaType. If no match is found, a HttpMediaTypeNotAcceptableException
is thrown resulting in the 406 response above. Prior to this commit, a
null was returned instead of throwing an exception so this issue was
hidden and appeared to function correctly.

To make the media type lookup case insensitive, added a line to the
lookupMediaType method in MediaTypeFileExtensionResolver to first
convert the extension (media type key) to lowercase prior to attempting
to retrieve it from the mediaTypes map.

Issue: SPR-13747
2015-12-01 16:16:57 -05:00
Rossen Stoyanchev
fed4391f87 Fix issue in UriTemplate parsing
The recent commit 971f04 replaced the use of a NAMES_PATTERN regex in
favor of direct parsing in order to deal with nested curly braces.

The change also incorrectly replicated this logic which removes a
trailing slash after Pattern quoting (and not before):

cca037a74d/spring-web/src/main/java/org/springframework/web/util/UriTemplate.java (L207-L210)

After some more investigation there doesn't appear to be any scenario
where the quoted pattern would end with a trailing slash. It should
always end with \E (end of quote) or a ")" (end of group). Nor are
there any failing tests so this commit removes the logic altogether.

Issue: SPR-13705
2015-11-30 17:46:28 -05:00
Brian Clozel
9d9433a6eb Flush of underlying response in ContentCachingResponseWrapper
Prior to this commit, when adding a ShallowEtagHeaderFilter to an
application, the ServletResponse would be wrapped by a
ContentCachingResponseWrapper. When any part of the Spring
infrastructure calls `flushBuffer` on the wrapped response, the call is
delegated to the actual response, which is committed. It's not possible
to alter the response (headers, content) anymore - the ETag filter can't
act.

This change prevents the `flushBuffer` call to be delegated and only
commits the underlying response once the cached content is copied to the
actual response stream.

Issue: SPR-13717
2015-11-24 17:26:03 +01:00
Sebastien Deleuze
71e2d8e9de Handle correctly * in CorsConfiguration#combine() other parameter
Issue: SPR-13674
2015-11-12 10:40:32 +01:00
Rossen Stoyanchev
62af99a21c Add containsKey to ServletResponseHttpHeaders
Issue: SPR-13668
2015-11-11 14:22:26 -05:00
Juergen Hoeller
5d9d88c44d CommonsMultipartFile removes mixed separator paths from original filename
Issue: SPR-13662
2015-11-10 23:43:40 +01:00
Juergen Hoeller
760bc719f2 Polishing 2015-11-09 15:03:14 +01:00
Juergen Hoeller
bc7bcab578 Consistent method selection for listeners and endpoint mappings
Issue: SPR-13654
2015-11-09 14:57:45 +01:00
Rossen Stoyanchev
971f046913 Replace NAMES_PATTERN in UriTemplate
The URI template is now manually parsed vs using a regex to extract
URI variable names and to create a pattern for matching to actual URLs.
This provides more control to deal with nested curly braces.

Issue: SPR-13627
2015-11-05 09:39:10 -05:00
Juergen Hoeller
64a8dfbd12 CharacterEncodingFilter provides convenience constructors for Servlet 3.0 style usage
Issue: SPR-13572
2015-10-26 22:48:54 +01:00
Rossen Stoyanchev
2bd1daa75e Protect against RFD exploits
Issue: SPR-13548
2015-10-15 10:33:27 +02:00
Juergen Hoeller
66177dfd8c StreamUtils.emptyInput() for consistent empty InputStream exposure
Issue: SPR-13563
2015-10-12 22:25:40 +02:00
Rossen Stoyanchev
1e4f674db7 Polish 2015-10-09 12:34:30 -04:00
Sam Brannen
f489e43d31 Polishing 2015-10-08 15:18:31 +02:00
Brian Clozel
758ae98af2 Sanitize duplicate slashes in request path
This commit removes duplicate slashes in the resolved lookup path when
calling `UrlPathHelper.getLookupPathForRequest`. This is especially
necessary when the path is cleaned from semicolon content and leaves
duplicate slashes in the request path.

Issue: SPR-13455
2015-10-08 11:05:51 +02:00
Sam Brannen
3db62d5494 Remove MimeTypeResolver since JAF is part of Java SE 6+
The inner MimeTypeResolver class is no longer necessary in the
MockServletContext since the Java Activation Framework (JAF) is a
standard part of Java SE since Java 6.
2015-10-06 15:56:00 +02:00
Sam Brannen
c52f9d3524 Assert status quo & add TODO
Issue: SPR-13537
2015-10-04 18:16:50 +02:00
Sebastien Deleuze
1c6febc45c Make UriComponentsBuilder.fromOriginHeader() IPv6 compliant
Issue: SPR-13525
2015-10-02 16:55:12 +02:00
Brian Clozel
39726740e5 Guard against invalid response status
ServletWebRequest now guard against invalid HTTP response status when
processing conditional requests.

Issue: SPR-13516
2015-09-30 18:40:59 +02:00
Sebastien Deleuze
9c66dfa7b5 Avoid stacktrace for invalid Origin header values
This commit adds support for origins with a trailing slash or a path,
in order to avoid printing a stacktrace in the logs when
WebUtils#isSameOrigin(HttpRequest) parses such invalid Origin header
value.

Issue: SPR-13478
2015-09-28 11:03:51 +02:00
Sam Brannen
d5ee787e1e Migrate JUnit 3 tests to JUnit 4
This commit migrates all remaining tests from JUnit 3 to JUnit 4, with
the exception of Spring's legacy JUnit 3.8 based testing framework that
is still in use in the spring-orm module.

Issue: SPR-13514
2015-09-27 21:17:51 +02:00
Sebastien Deleuze
48b512c5f4 Update Jackson builder to set properly AUTO_DETECT_IS_GETTERS
Issue: SPR-13073
2015-09-22 11:41:31 +02:00
Juergen Hoeller
1feb757c54 ResourceHttpMessageConverter allows for using InputStreamResource
Issue: SPR-13443
2015-09-08 11:04:34 +02:00
Sam Brannen
8af0151f1b Suppress recent deprecation warnings in tests 2015-08-27 17:57:50 +02:00
Rossen Stoyanchev
2e79a30fed Properly expand URI vars with regex
Before this commit UriComponents was capable of expanding URI vars that
may have contained a regular expressions (as supported with
@RequestMapping for example). However if the regular expressions
contained any nested "{}" the expand did not work correctly.

This commit sanitizes a URI template source removing any content
between nested "{}" prior to expanding. This works since we only care
about the URI variable name.

Issue: SPR-13311
2015-08-25 21:48:02 -04:00
Brian Clozel
88405be8a5 Quote ETags set with ResponseEntity builder API
Prior to this change, trying to set an unquoted ETag with
`ResponseEntity`'s API would throw an `IllegalArgumentException`.

This commit automatically quotes ETag values set using ResponseEntity.

Issue: SPR-13378
2015-08-24 09:54:08 +02:00
Sam Brannen
2df3646e90 Let Jetty pick its own available port
In an attempt to make our Jetty-based integration tests more robust,
this commit discontinues use of SocketUtils for picking a random,
available port and instead lets the Jetty Server pick its own port.
2015-08-22 18:58:55 +02:00
Rossen Stoyanchev
473dd5e9e8 Unwrap if necessary for MultipartHttpServletRequest
Before this commit RequestPartServletServerHttpRequest simply did an
instanceof check for MultipartHttpServletRequest. That hasn't failed
because request wrapping typically happens in filters before the
DispatcherServlet calls the MultipartResolver.

With Spring MVC Test and the Spring Security integraiton however,
this order is reversed since there we prepare the multipart request
upfront, i.e. there is no actual parsing.

The commit unwraps the request if necessary.

Issue: SPR-13317
2015-08-21 10:28:08 -04:00
Sebastien Deleuze
be7514f490 Polish Jackson2ObjectMapperBuilderTests 2015-08-18 14:28:16 +02:00
Craig Andrews
cccf5f65f5 Register jackson-datatype-jdk7 module when using Java 7
Issue: SPR-13354
2015-08-18 14:20:08 +02:00
Sebastien Deleuze
4338719d98 Serialize with type only collections in Jackson HttpMessageConverter
Issue: SPR-13318
2015-08-17 17:17:51 +02:00
Sam Brannen
44a7c78753 Overhaul CauchoRemotingTests & reinstate SimpleHessianServiceExporter test 2015-08-13 21:27:49 +02:00
Sam Brannen
2c120d0d28 Clean up warnings in spring-web tests 2015-08-13 16:04:52 +02:00
Sam Brannen
be2f56262b Make FormHttpMessageConverterTests more robust 2015-08-13 15:06:39 +02:00
Rossen Stoyanchev
257cc63141 Restore order in AllEncompassingFormHttpMessageConverter
Issue: SPR-13309
2015-08-13 07:45:25 -04:00
Rossen Stoyanchev
28a42d1482 Polish FromHttpMessageConverterTests 2015-08-13 07:30:09 -04:00
Rossen Stoyanchev
27cd87926a StandardServletAsyncWebRequest handling for onError
This change ensures that an onError outcome from an async request is
also routed to onCompletion handlers registered with
StandardServletAsyncWebRequest.

Issue: SPR-13292
2015-07-30 10:59:04 -04:00
Rossen Stoyanchev
24285956a5 Polish 2015-07-30 10:59:04 -04:00
Juergen Hoeller
e1a0c50046 Revised UriComponentsBuilder assertions
Issue: SPR-13257
2015-07-29 12:39:41 +02:00
Sam Brannen
b6c0e7cba3 Remove trailing whitespace in Java source code 2015-07-27 12:40:54 +02:00
Sam Brannen
2afbfb2c0d Polishing 2015-07-23 13:32:26 +02:00
Brian Clozel
43e36e2dee Improve DateHeaders in MockServletRequest/Response
Prior to this change, calling the `setDateHeader` method on a
Spring Test MockHttpServletResponse instance would just store the given
long value in a Map, not writing it as a formatted date String.
Also, calling `getDateHeader` on a MockHttpServletRequest would not
support date strings and could not parse those values.

This can be problematic when testing features related to date headers
such as "Expires", "If-Modified-Since", "Last-Modified", etc.

This commit adds formatting and parsing capabilities to Servlet Mocks
for date strings in HTTP headers.

When formatting dates to Strings, the date format used is the one
preferred by the HTTP RFC. When parsing date Strings, multiple date
formats are supported for better compatibility.

Issue: SPR-11912
2015-07-23 11:12:28 +02:00
Sam Brannen
6b84c332fd Polishing 2015-07-21 15:13:21 +02:00
Brian Clozel
088a50c1fb Improve setDateHeader impl in MockServletResponse
Prior to this change, calling the `setDateHeader` method on a
MockHttpServletResponse instance (internal implementation for testing
the spring-web module) would just store the given long value in a Map,
not writing it as a formatted date String.

This can be problematic when testing features related to date headers
such as "Expires", "If-Modified-Since", "Last-Modified", etc.

This commit formats long dates into date Strings using the date format
recommended by the RFC and the GMT time zone.
2015-07-21 14:28:44 +02:00
Brian Clozel
dba46c1358 Partial revert of SPR-13090
Use ServletHttpResponse.setDateHeader whenever possible and avoid using
SimpleDateFormat.
2015-07-20 22:48:20 +02:00
Sebastien Deleuze
70a03ee2a4 Rename CorsConfigurationMapping to UrlBasedCorsConfigurationSource
Issue: SPR-13192
2015-07-20 10:47:24 +02:00
Sam Brannen
e9f64cf9ae Sync Servlet mocks between spring-test & spring-web 2015-07-19 20:23:51 +02:00
Sam Brannen
9124907b29 Polish and simplify Jackson2ObjectMapperFactoryBeanTests 2015-07-19 19:29:12 +02:00
Sam Brannen
5f3506ae8f Suppress build warnings in tests 2015-07-19 19:28:16 +02:00
Juergen Hoeller
f4f508d869 Revisit date-time tests for compatibility with JDK 9 build 72
Issue: SPR-13232
2015-07-14 23:58:30 +02:00