Rossen Stoyanchev
cf39078fbb
Backport MVC Java config path-related config options
...
Issue: SPR-14186
2016-04-21 13:50:03 -04:00
Rossen Stoyanchev
ac5b9c7bd6
Fix javadoc issue in ResponseEntityExceptionHandler
...
Issue: SPR-13869
(cherry picked from commit 73df50d )
2016-04-08 22:30:56 +02:00
Rossen Stoyanchev
9e3bb1e26f
Ensure RedirectModel is initialized
...
This commit fixes an old bug in ModelAndViewContainer where getModel
returns a new ModelMap instance that isn't saved and re-used.
Issue: SPR-14045
(cherry picked from commit d7062f6 )
2016-04-08 22:30:56 +02:00
Juergen Hoeller
12eb893e5f
Polishing (backported from 4.1.x)
2015-12-09 17:10:34 +01:00
Rossen Stoyanchev
86ba7476cb
Fix failing tests
2015-11-11 18:06:03 -05:00
Rossen Stoyanchev
1489e29d0c
Switch "attachment" to "inline" on Content-Disposition
...
Issue: SPR-13587, SPR-13643
2015-11-11 17:49:58 -05:00
Rossen Stoyanchev
f2e4da3dac
Whitelist extension if present in the request mapping
...
We know skip the Content-Disposition header for any extension if the
chosen request mapping explicitly contains the URl extension.
Issue: SPR-13629
2015-11-06 13:01:34 -05:00
Rossen Stoyanchev
6a9329cb76
No Content-Disposition if HTML in the request mapping
...
Issue: SPR-13629
2015-11-02 13:21:59 -05:00
Rossen Stoyanchev
03f547eb98
Protect against RFD exploits
...
Issue: SPR-13548
2015-10-15 09:32:32 +02:00
Juergen Hoeller
b15da37891
Removed misleading note on readonly and disabled flags in spring-form.tld
...
Issue: SPR-13397
(cherry picked from commit c4a9abb )
2015-10-14 13:58:15 +02:00
Juergen Hoeller
adb54b2c69
Backported DispatcherServlet and ServletContextResourcePatternResolver refinements
...
Issue: SPR-13011
2015-05-11 19:58:36 +02:00
Juergen Hoeller
3e2491c058
Polishing
2015-03-23 22:43:49 +01:00
Juergen Hoeller
d879bad248
Polishing
...
(cherry picked from commit 7ed7f98 )
2015-03-06 23:47:54 +01:00
Juergen Hoeller
e5207e6231
Polishing
2015-03-02 21:17:16 +01:00
Brian Clozel
2d3fe96cd6
Allow file locations for resource handling
...
Prior to this change, location checks for serving resources would append
`/` to the location path it didn't already have one.
This commit makes sure not to append a `/` if the provided location is
actually a file.
Issue: SPR-12747
2015-02-27 19:12:01 +01:00
Juergen Hoeller
9a7871fb70
Consistent validation logic
...
Issue: SPR-12655
2015-02-20 00:20:07 +01:00
Juergen Hoeller
186fef6808
Revised validation javadoc
...
Issue: SPR-12655
2015-02-19 22:46:29 +01:00
Juergen Hoeller
3ed24bca20
ServletUriComponentsBuilder.java avoids NPE on scheme check
...
Issue: SPR-12723
(cherry picked from commit 61cc3b5 )
2015-02-18 20:44:50 +01:00
Stephane Nicoll
64e79ba692
Use hasLength rather than hasText
2014-12-30 15:39:48 +01:00
Stephane Nicoll
4bcf92f176
Restore JDK 5 compatiblity
2014-12-30 15:34:35 +01:00
Juergen Hoeller
62a6c3733d
Polishing
...
(cherry picked from commit e9d24d5 )
2014-12-29 20:06:57 +01:00
Juergen Hoeller
e353af65d2
HandlerExecutionChain prevents re-adding the interceptors array to the list (and declares varargs now)
...
Issue: SPR-12566
(cherry picked from commit 37713ae )
2014-12-29 20:05:04 +01:00
Brian Clozel
379d2e6da0
Fix location checks for servlet 3 resources
...
SPR-12354 applied new checks to make sure that served static resources
are under authorized locations.
Prior to this change, serving static resources from Servlet 3 locations
such as "/webjars/" would not work since those locations can be within
one of the JARs on path. In that case, the checkLocation method would
return false and disallow serving that static resource.
This change fixes this issue by making sure to call the
`ServletContextResource.getPath()` method for servlet context resources.
Note that there's a known workaround for this issue, which is using a
classpath scheme as location, such as:
"classpath:/META-INF/resources/webjars/" instead of "/webjars".
Issue: SPR-12432
(cherry picked from commit 1214624 )
2014-11-24 19:11:15 +01:00
Juergen Hoeller
7f1e5a49a4
Polishing
...
(cherry picked from commit 2675ce7 )
2014-11-22 23:19:48 +01:00
Rossen Stoyanchev
3f68cd633f
Apply extra checks to static resource handling
...
- remove leading '/' and control chars
- improve url and relative path checks
- account for URL encoding
- add isResourceUnderLocation final verification
Issue: SPR-12354
2014-11-11 06:49:42 +01:00
Juergen Hoeller
d5e4592728
Polishing
2014-11-02 11:19:54 +01:00
Juergen Hoeller
d53b67f5cb
TilesConfigurer defensively expects null from getResources in case of no resources found
...
Also includes order preservation for resource results with Tiles 2 as well as retrieval failure logging with Tiles 3.
Issue: SPR-12362
(cherry picked from commit c8b8dc5 )
2014-11-02 00:21:19 +01:00
Juergen Hoeller
f812998826
Set ResponseStatusExceptionResolver.messageSource in the MVC Java config
...
Issue: SPR-12380
(cherry picked from commit aa82da8 )
2014-11-02 00:21:02 +01:00
Juergen Hoeller
e819999c08
Polishing
2014-09-17 19:10:33 +02:00
Juergen Hoeller
21f0057990
Polishing
2014-08-23 00:11:19 +02:00
Juergen Hoeller
a4c8e6176c
Consistent attribute documentation/formatting in spring-context and spring-mvc schemas
...
(cherry picked from commit b5763fe )
2014-08-22 23:50:34 +02:00
Juergen Hoeller
7cf4a4ed2d
DispatcherServlet's checkMultipart detects wrapped MultipartRequest as well
...
Issue: SPR-12114
(cherry picked from commit 786fd92 )
2014-08-22 23:49:16 +02:00
Juergen Hoeller
0c89279d61
Polishing
2014-08-13 15:54:21 +02:00
Juergen Hoeller
36918d6bb7
Polishing (includes varargs for selected setters)
2014-08-11 22:12:26 +02:00
Juergen Hoeller
214f026ea3
Polishing
2014-07-29 12:45:32 +02:00
Juergen Hoeller
c0a4631fd1
Polishing
2014-07-29 10:10:48 +02:00
Juergen Hoeller
a3ebf13579
SelectedValueComparator defensively handles null values in exhaustiveCompare
...
Issue: SPR-12001
(cherry picked from commit 980f971 )
2014-07-29 00:13:29 +02:00
Juergen Hoeller
fe72fcede5
Polishing
...
(cherry picked from commit ede2150 )
2014-07-02 18:18:21 +02:00
Juergen Hoeller
983cce22d8
Package javadoc cleanup for web.servlet.mvc, removing outdated references
...
Issue: SPR-11935
(cherry picked from commit 7396210 )
2014-07-01 18:26:31 +02:00
Juergen Hoeller
c033f889bf
Polishing (backported from master)
...
(cherry picked from commit 48f753f )
2014-07-01 14:28:05 +02:00
Juergen Hoeller
779a6b79eb
Polishing
2014-04-27 22:52:51 +02:00
Juergen Hoeller
99a3e9cacb
Revised ByteArrayOutputStream handling in MarshallingView and co
...
Issue: SPR-11646
(cherry picked from commit 8006696 )
2014-04-02 22:56:34 +02:00
Juergen Hoeller
f93bfa8f84
ResourceHttpRequestHandler explicitly closes a Resource's InputStream
...
Issue: SPR-11644
(cherry picked from commit 3a96f16 )
2014-04-02 22:55:52 +02:00
Juergen Hoeller
b80dc9d642
Polishing
...
Issue: SPR-11262
(cherry picked from commit d628025 )
2014-04-02 22:55:33 +02:00
Juergen Hoeller
623b1fc0d5
Polishing
2014-03-25 00:37:01 +01:00
Juergen Hoeller
a2bdc284f9
DispatcherServlet logs request URI in encoded form only
...
Issue: SPR-11591
(cherry picked from commit 465ca24 )
2014-03-25 00:36:36 +01:00
Juergen Hoeller
dbd5f67498
Consistently applied appropriate ByteArrayOutputStream initial capacities across the codebase
...
Issue: SPR-11594
(cherry picked from commit dd7f54c )
2014-03-25 00:35:33 +01:00
Juergen Hoeller
9585752693
Polishing
2014-03-11 21:36:10 +01:00
Juergen Hoeller
5c0fdb05bd
AbstractFlashMapManager needs to decode parameter names
...
Also includes general alignment with the 4.0.3 versions of AbstractFlashMapManager and FlashMapManagerTests.
Issue: SPR-11504
2014-03-11 21:35:36 +01:00
Juergen Hoeller
75e08695a0
Mixed polishing along with recent changes
...
(cherry picked from commit 14e5a02 )
2014-02-14 23:27:09 +01:00