Commit Graph

775 Commits

Author SHA1 Message Date
Juergen Hoeller
bc7bcab578 Consistent method selection for listeners and endpoint mappings
Issue: SPR-13654
2015-11-09 14:57:45 +01:00
Juergen Hoeller
a1bf941ec4 CommonsFileUploadSupport applies maxUploadSizePerFile to FileUpload copy as well
Issue: SPR-13653
2015-11-08 20:21:39 +01:00
Rossen Stoyanchev
a3168fde18 Expand range of whitelisted extensions by media type
This commit expands the range of whitelisted extensions by checking
if an extension can be resolved to image/*, audo/*, video/*, as well
as any content type that ends with +xml.

Issue: SPR-13643
2015-11-06 16:45:41 -05:00
Rossen Stoyanchev
da707c15b3 Update Javadoc
Issue: SPR-13530
2015-11-05 22:15:09 -05:00
Rossen Stoyanchev
ac975df448 Fix javadoc ambiguity
Issue: SPR-13642
2015-11-05 20:02:37 -05:00
Rossen Stoyanchev
f0464e8176 Add section on RFD + whitelist yml/properties/csv
Issue: SPR-13643
2015-11-05 19:31:29 -05:00
Rossen Stoyanchev
971f046913 Replace NAMES_PATTERN in UriTemplate
The URI template is now manually parsed vs using a regex to extract
URI variable names and to create a pattern for matching to actual URLs.
This provides more control to deal with nested curly braces.

Issue: SPR-13627
2015-11-05 09:39:10 -05:00
Sebastien Deleuze
09cb286c84 Add MediaType.APPLICATION_JSON_UTF8
Add new MediaType.APPLICATION_JSON_UTF8 and
MediaType.APPLICATION_JSON_UTF8_VALUE constants for
"application/json;charset=UTF-8" content type in order to make it
easier to override @RequestMapping "produces" attribute without
losing the default JSON charset (UTF-8).

Issue: SPR-13600
2015-11-03 12:20:39 +01:00
Juergen Hoeller
cca037a74d Polishing 2015-11-02 14:42:46 +01:00
Sebastien Deleuze
62cd6ad526 Add @RequestMapping produces documentation about charset
Issue: SPR-13600
2015-11-02 07:48:02 +01:00
Juergen Hoeller
64a8dfbd12 CharacterEncodingFilter provides convenience constructors for Servlet 3.0 style usage
Issue: SPR-13572
2015-10-26 22:48:54 +01:00
Sebastien Deleuze
994a11da3e Document default charset in Jackson message converters Javadoc
Issue: SPR-13600
2015-10-26 11:39:00 +01:00
Rossen Stoyanchev
2bd1daa75e Protect against RFD exploits
Issue: SPR-13548
2015-10-15 10:33:27 +02:00
Juergen Hoeller
8ac3ec5cf7 Added missing @since tags to DeferredResult
(cherry picked from commit 5d36ac0)
2015-10-14 17:15:09 +02:00
Juergen Hoeller
59637ee708 Support for Jackson's default typing via TypeResolverBuilder
Issue: SPR-13569
2015-10-13 15:06:23 +02:00
Juergen Hoeller
a5f81a0433 Clarified that getBody() never returns null
As the only place that historically differed, HttpComponents(Async)ClientHttpResponse returns an empty stream instead of null now.

Issue: SPR-13563
2015-10-12 22:26:11 +02:00
Juergen Hoeller
66177dfd8c StreamUtils.emptyInput() for consistent empty InputStream exposure
Issue: SPR-13563
2015-10-12 22:25:40 +02:00
Juergen Hoeller
6256586047 Polishing 2015-10-12 18:12:31 +02:00
Juergen Hoeller
4391b299d9 Annotation-level javadoc for Model parameter on exception handler methods
Issue: SPR-13546
2015-10-12 18:11:48 +02:00
Rossen Stoyanchev
1e4f674db7 Polish 2015-10-09 12:34:30 -04:00
Brian Clozel
758ae98af2 Sanitize duplicate slashes in request path
This commit removes duplicate slashes in the resolved lookup path when
calling `UrlPathHelper.getLookupPathForRequest`. This is especially
necessary when the path is cleaned from semicolon content and leaves
duplicate slashes in the request path.

Issue: SPR-13455
2015-10-08 11:05:51 +02:00
Sebastien Deleuze
1c6febc45c Make UriComponentsBuilder.fromOriginHeader() IPv6 compliant
Issue: SPR-13525
2015-10-02 16:55:12 +02:00
Rossen Stoyanchev
42e5ad4111 Polish 2015-09-30 14:05:08 -04:00
Brian Clozel
39726740e5 Guard against invalid response status
ServletWebRequest now guard against invalid HTTP response status when
processing conditional requests.

Issue: SPR-13516
2015-09-30 18:40:59 +02:00
Rossen Stoyanchev
24a91b43cc Polish content negotiation 2015-09-29 17:08:37 -04:00
Sebastien Deleuze
9c66dfa7b5 Avoid stacktrace for invalid Origin header values
This commit adds support for origins with a trailing slash or a path,
in order to avoid printing a stacktrace in the logs when
WebUtils#isSameOrigin(HttpRequest) parses such invalid Origin header
value.

Issue: SPR-13478
2015-09-28 11:03:51 +02:00
Juergen Hoeller
11b4e3be2c Consistent HttpMethod resolution against underlying HttpServletRequest 2015-09-24 20:53:22 +02:00
Brian Clozel
55db4ae94b Document that @ResponseStatus overrides redirect views
Issue: SPR-13439
2015-09-24 18:43:51 +02:00
Juergen Hoeller
ebe128e940 Polishing 2015-09-24 00:33:14 +02:00
Sebastien Deleuze
48b512c5f4 Update Jackson builder to set properly AUTO_DETECT_IS_GETTERS
Issue: SPR-13073
2015-09-22 11:41:31 +02:00
Sam Brannen
e2bfbdcfd1 Support attribute overrides with @ResponseStatus
This commit introduces support for attribute overrides for
@ResponseStatus when @ResponseStatus is used as a meta-annotation on
a custom composed annotation.

Specifically, this commit migrates all code that looks up
@ResponseStatus from using AnnotationUtils.findAnnotation() to using
AnnotatedElementUtils.findMergedAnnotation().

Issue: SPR-13441
2015-09-11 21:05:30 +02:00
Sam Brannen
4a49ce9694 Polish Javadoc for @ResponseStatus 2015-09-11 16:40:55 +02:00
Juergen Hoeller
bc13cb2af5 Polishing 2015-09-10 14:05:06 +02:00
Juergen Hoeller
ae0d945a05 DeferredResult accessors based on volatile fields for proper visibility
Issue: SPR-13451
2015-09-10 14:04:35 +02:00
Juergen Hoeller
52fdfd59ab Polishing 2015-09-08 18:11:30 +02:00
Juergen Hoeller
1feb757c54 ResourceHttpMessageConverter allows for using InputStreamResource
Issue: SPR-13443
2015-09-08 11:04:34 +02:00
Juergen Hoeller
667fc7e4a9 Polishing 2015-09-04 14:38:47 +02:00
Juergen Hoeller
eeab7f38a2 Fixed generateETagHeaderValue's IOException handling
Issue: SPR-12081
2015-09-02 19:43:15 +02:00
Juergen Hoeller
2fa1caca0c ServletWebRequest.checkNotModified avoids HttpServletResponse.getHeader calls on Servlet 2.5
Includes a revision for consistent and defensive Servlet 3.0 method calls across Spring's web abstraction (in particular, also working in debug mode where method references may get resolved early, so ternary expressions are to be avoided).

Issue: SPR-13420
2015-09-02 14:17:42 +02:00
Sebastien Deleuze
542e21b3f6 Polish Jackson2ObjectMapperBuilder/FactoryBean javadoc 2015-08-31 21:18:08 +02:00
Juergen Hoeller
2bb7164c64 AsyncRestTemplate and FutureAdapter consistently throw ExecutionException
Issue: SPR-13413
2015-08-31 17:31:52 +02:00
Juergen Hoeller
491adf1f2f Polishing 2015-08-27 22:04:58 +02:00
Brian Clozel
803d7b50b9 Skip HttpServletResponse.getStatus() on Servlet 2.5
Prior to this commit, ServletWebRequest would call
HttpServletResponse.getStatus(), which is a Servlet 3.x method.

This commit checks if this method is available before calling it, thus
keeping Servlet 2.5 compatibility.

Issue: SPR-13396
2015-08-27 20:55:50 +02:00
Juergen Hoeller
e518d7dcc6 Mark log4j support classes as deprecated in favor of Apache Log4j 2 (following Apache's EOL declaration for log4j 1.x)
Issue: SPR-13400
2015-08-27 12:36:57 +02:00
Rossen Stoyanchev
bdf735125f Update javadoc for (Async)RestTemplate
Issue: SPR-13313
2015-08-25 22:03:26 -04:00
Rossen Stoyanchev
2e79a30fed Properly expand URI vars with regex
Before this commit UriComponents was capable of expanding URI vars that
may have contained a regular expressions (as supported with
@RequestMapping for example). However if the regular expressions
contained any nested "{}" the expand did not work correctly.

This commit sanitizes a URI template source removing any content
between nested "{}" prior to expanding. This works since we only care
about the URI variable name.

Issue: SPR-13311
2015-08-25 21:48:02 -04:00
Rossen Stoyanchev
1a9e42b49d Support multipart filename with charset
StandardMultipartHttpServletRequest now supports filenames with
charset information.

Issue: SPR-13319
2015-08-25 20:54:43 -04:00
Juergen Hoeller
4314da922a RedirectView and RequestContext use RequestContextUtils.findWebApplicationContext
Issue: SPR-13346
2015-08-25 22:16:27 +02:00
Brian Clozel
88405be8a5 Quote ETags set with ResponseEntity builder API
Prior to this change, trying to set an unquoted ETag with
`ResponseEntity`'s API would throw an `IllegalArgumentException`.

This commit automatically quotes ETag values set using ResponseEntity.

Issue: SPR-13378
2015-08-24 09:54:08 +02:00
Juergen Hoeller
c685fd7c23 Polishing 2015-08-21 17:03:53 +02:00