Commit Graph

3782 Commits

Author SHA1 Message Date
Arjen Poutsma
e44f84e8ee Restore Jetty 10 compatibility in JettyClientHttpResponse
Closes gh-32337
2024-02-28 13:33:18 +01:00
Sam Brannen
464fa7ea0e Do not cache Content-Type in ContentCachingResponseWrapper
Based on feedback from several members of the community, we have
decided to revert the caching of the Content-Type header that was
introduced in ContentCachingResponseWrapper in 375e0e6827.

This commit therefore completely removes Content-Type caching in
ContentCachingResponseWrapper and updates the existing tests
accordingly.

To provide guards against future regressions in this area, this commit
also introduces explicit tests for the 6 ways to set the content length
in ContentCachingResponseWrapper and modifies a test in
ShallowEtagHeaderFilterTests to ensure that a Content-Type header set
directly on ContentCachingResponseWrapper is propagated to the
underlying response even if content caching is disabled for the
ShallowEtagHeaderFilter.

See gh-32039
See gh-32317
Closes gh-32322
2024-02-28 11:13:59 +01:00
Sam Brannen
6e1f583c06 Polish ShallowEtagHeaderFilterTests 2024-02-28 11:06:55 +01:00
Sébastien Deleuze
57646a092e Refine *HttpMessageConverter#getContentLength null safety
Closes gh-32332
2024-02-27 15:50:06 +01:00
Sam Brannen
380f5d5ea4 Honor Content-[Type|Length] headers from wrapped response again
Commit 375e0e6827 introduced a regression in
ContentCachingResponseWrapper (CCRW). Specifically, CCRW no longer
honors Content-Type and Content-Length headers that have been set in
the wrapped response and now incorrectly returns null for those header
values if they have not been set directly in the CCRW.

This commit fixes this regression as follows.

- The Content-Type and Content-Length headers set in the wrapped
  response are honored in getContentType(), containsHeader(),
  getHeader(), and getHeaders() unless those headers have been set
  directly in the CCRW.

- In copyBodyToResponse(), the Content-Type in the wrapped response is
  only overridden if the Content-Type has been set directly in the CCRW.

Furthermore, prior to this commit, getHeaderNames() returned duplicates
for the Content-Type and Content-Length headers if they were set in the
wrapped response as well as in CCRW.

This commit fixes that by returning a unique set from getHeaderNames().

This commit also updates ContentCachingResponseWrapperTests to verify
the expected behavior for Content-Type and Content-Length headers that
are set in the wrapped response as well as in CCRW.

See gh-32039
See gh-32317
Closes gh-32322
2024-02-25 18:08:12 +01:00
Sam Brannen
1acc1c3a27 Polish ContentCachingResponseWrapper[Tests] 2024-02-25 18:02:59 +01:00
Juergen Hoeller
452973fbbd Consistent Lock field declaration (instead of ReentrantLock field type)
(cherry picked from commit b4153618a4)
2024-02-13 11:31:55 +01:00
rstoyanchev
7ec5c994c1 Update user info pattern
Closes gh-32211
2024-02-13 07:18:50 +00:00
Juergen Hoeller
60035b5e39 Polishing 2024-02-01 17:41:50 +01:00
Arjen Poutsma
186d6e370d Guard against multiple body subscriptions
Before this commit, the Jetty connector did not have any
safeguard against multiple body subscriptions. Such as check has now
been added.

See gh-32100
Closes gh-32101
2024-01-24 14:05:06 +01:00
Juergen Hoeller
732642d8ad Declare allowPrivateNetwork as available since 5.3.32
See gh-28546
See gh-31974
2024-01-24 12:22:51 +01:00
Juergen Hoeller
d7649d088d Polishing 2024-01-24 12:20:35 +01:00
Juergen Hoeller
7ac66eff4d Consistent nullability for concurrent result
(cherry picked from commit b92877990d)
2024-01-24 12:05:33 +01:00
Juergen Hoeller
f22bdf4734 Polishing 2024-01-19 17:29:16 +01:00
Arjen Poutsma
a0f24cf485 Handle Content-Length in ShallowEtagHeaderFilter more robustly
This commit ensures that setting the Content-Length through
setHeader("Content-Length", x") has the same effect as calling
setContentLength in the ShallowEtagHeaderFilter. It also filters out
Content-Type headers similarly to Content-Length.

See gh-32039
Closes gh-32051
2024-01-18 16:07:02 +01:00
rstoyanchev
fd240b3b86 Double-checked lock in ChannelSendOperator#request
Closes gh-31865
2024-01-12 17:18:19 +00:00
Sébastien Deleuze
df1bec9e97 Polishing
See gh-31974
2024-01-08 12:23:23 +01:00
Sébastien Deleuze
cfec88bfa8 Add CORS support for Private Network Access
This commit adds CORS support for Private Network Access
by adding an Access-Control-Allow-Private-Network response
header when the preflight request is sent with an
Access-Control-Request-Private-Network header and that
Private Network Access has been enabled in the CORS
configuration.

See https://developer.chrome.com/blog/private-network-access-preflight/
for more details.

Closes gh-31974

(cherry picked from commit 318d460256)
2024-01-08 11:49:00 +01:00
Juergen Hoeller
b2bdc7de30 Polishing 2023-12-30 15:51:05 +01:00
Brian Clozel
687676ea47 Fix ordering of releasing resources in JSON Encoder
Prior to this commit, the Jackson 2.x encoders, in case of encoding a
stream of data, would first release the `ByteArrayBuilder` and then the
`JsonGenerator`. This order is inconsistent with the single value
variant (see `o.s.h.codec.json.AbstractJackson2Encoder#encodeValue`) and
invalid since the `JsonGenerator` uses internally the
`ByteArrayBuilder`.

In case of a CSV Encoder, the codec can buffer data to write the column
names of the CSV file. Writing an empty Flux with this Encoder would not
fail but still log a NullPointerException ignored by the reactive
pipeline.

This commit fixes the order and avoid such issues at runtime.

Fixes gh-31657
2023-11-22 21:35:16 +01:00
Arjen Poutsma
d3ec9395e1 Guard for empty FileItems in CommonsFileUploadSupport
This commit ensures that a FileItem is not empty before its value is
read.

Closes gh-31564
2023-11-08 15:35:17 +01:00
Sébastien Deleuze
75faf698af Refine CORS documentation for wildcard processing
This commit refines CORS wildcard processing Javadoc to
provides more details on how wildcards are handled for
Access-Control-Allow-Methods, Access-Control-Allow-Headers
and Access-Control-Expose-Headers CORS headers.

For Access-Control-Expose-Headers, it is not possible to copy
the response headers which are not available at the point
when the CorsProcessor is invoked. Since all the major browsers
seem to support wildcard including on requests with credentials,
and since this is ultimately the user-agent responsibility to
check on client-side what is authorized or not, Spring Framework
continues to support this use case.

See gh-31168
2023-09-11 18:15:07 +02:00
Sam Brannen
88c3a788f3 Update copyright headers 2023-08-21 15:12:54 +02:00
Juergen Hoeller
df066d8190 Fix accidental javadoc references to jakarta packages 2023-08-16 13:03:23 +02:00
Juergen Hoeller
340b32a3cb Polishing 2023-07-19 23:31:38 +02:00
Juergen Hoeller
a7b7466274 Polishing 2023-07-19 01:17:25 +02:00
rstoyanchev
1cd994d3a8 Encapsulate full path initialization 2023-07-11 11:45:23 +01:00
Juergen Hoeller
da814e01c7 Polishing 2023-07-04 21:52:36 +02:00
Juergen Hoeller
5d4c2846d9 Polishing 2023-07-04 16:43:29 +02:00
Juergen Hoeller
02cbee560d Polishing
(cherry picked from commit 6526e79eea)
2023-06-26 20:06:12 +02:00
Juergen Hoeller
ce97342fee Consistently use mutable ArrayList for modulesToInstall vs modules
Closes gh-30751

(cherry picked from commit 062d701ae1)
2023-06-26 12:39:01 +02:00
rstoyanchev
1c43a4c7ab Fix regression in ReactorServerHttpRequest
Instead of a backport for cef916, this change simply undoes the
optimization that led to the regression.

Closes gh-30314
2023-04-11 15:12:54 +01:00
Sébastien Deleuze
e931fdc5c2 Make HttpComponentsHeadersAdapter#getFirst nullable
Backport of gh-30267

Closes gh-30269
2023-04-03 09:06:32 +02:00
Juergen Hoeller
a93382dbbf Propagate HttpStreamResetException itself if cause is null
Closes gh-30245

(cherry picked from commit 8fca258207)
2023-03-30 19:32:29 +02:00
Sam Brannen
3ddf183922 Update copyright headers 2023-03-17 14:51:13 +01:00
rstoyanchev
f0da099b12 Prefer request hostName and hostPort in ReactorServerHttpRequest
Backport of 682a4d53 and 9624ea39

Closes gh-29974
2023-03-14 07:02:21 +00:00
rstoyanchev
a2b7a907ec Prefer local hostAddress in ReactorServerHttpRequest
Closes gh-28601
2023-02-23 16:40:38 +00:00
Johnny Lim
4c351e811a Polish
See gh-29928
2023-02-09 09:55:19 +01:00
Juergen Hoeller
42e7318cbb Polishing 2023-01-31 16:48:36 +01:00
Juergen Hoeller
000383fbff Explicit target ClassLoader for interface-based infrastructure proxies
Includes direct JDK Proxy usage instead of ProxyFactory where possible.

Closes gh-29913

(cherry picked from commit 4d6249811e)
2023-01-31 16:48:27 +01:00
Juergen Hoeller
37cbdc2cf4 Lazily load ContextLoader.properties (and lazily fail if not present)
Closes gh-29905

(cherry picked from commit a74b86e812)
2023-01-31 16:21:45 +01:00
rstoyanchev
45a7917a36 Backport of cf9fc69d6b
Closes gh-29911
2023-01-31 11:55:32 +00:00
Sam Brannen
90ea39cc6b Update copyright headers 2023-01-28 20:49:13 +01:00
Arjen Poutsma
21c3d4f4a9 Support Jetty 10 in JettyClientHttpRequest
Though Jetty 10 was previously supported in the JettyClientHttpResponse,
this commit ensures support in the JettyClientHttpRequest.

Closes gh-29867
See gh-26123
2023-01-26 17:27:57 +01:00
Sébastien Deleuze
4a4b332709 Refine Jackson2ObjectMapperBuilder#configureFeature exception handling
This commit changes the FatalBeanException previously thrown for
an IllegalArgumentException which seems more suitable for that
use case.

Closes gh-29860
2023-01-20 10:15:49 +01:00
Brian Clozel
777f01d786 Fix path within mapping when pattern contains ".*"
Prior to this commit, extracting the path within handler mapping would
result in "" if the matching path element would be a Regex and contain
".*". This could cause issues with resource handling if the handler
mapping pattern was similar to `"/folder/file.*.extension"`.

This commit introduces a new `isLiteral()` method in the `PathElement`
abstract class that expresses whether the path element can be compared
as a String for path matching or if it requires a more elaborate
matching process.

Using this method for extracting the path within handler mapping avoids
relying on wildcard count or other properties.

See gh-29712
Fixes gh-29716
2022-12-19 10:53:02 +01:00
Juergen Hoeller
937ab5f4b2 Polishing (aligned with main) 2022-12-13 12:06:09 +01:00
rstoyanchev
912fa7602a Improve invalid Content-Type handling in WebFlux
Closes gh-29565
2022-12-09 11:53:16 +00:00
Sam Brannen
41a6b7ec20 Update copyright headers for source code changed since August 2022
The changes in this commit were performed using the newly introduced
update_copyright_headers.sh script.
2022-12-03 17:23:21 -05:00
Sam Brannen
750a8b359f Stop using Mockito to spy() on JDK I/O streams
When running on JDK 16+, we are not able to spy() on JDK types. To
address this, this commit stops using Mockito to spy on JDK I/O streams
(such as ByteArrayInputStream and ByteArrayOutputStream).
2022-12-03 17:23:21 -05:00