Previously, both HypermediaAutoConfiguration and HttpMessageConverters
assumed that if Spring HATEOAS was on the class path, then Jackson
would be too. When this was not the case, an application would fail
to start.
This commit updates both classes to back off appropriately when
Spring HATEOAS is on the classpath but Jackson is not.
Closes gh-7434
We use some internal Mockito classes and some breaking API changes
have been made to them in Mockito 2. This commit introduces a utility
class, SpringBootMockUtil, to shield our code from these differences.
Mockito 1 is called directly and Mockito 2 is called via reflection.
To allow these changes to be tested, FilteredClassPathRunner has been
enhanced to also support overriding a dependency on the class path.
As a result it has been renamed to ModifiedClassPathRunner. The new
ClassPathOverrides annotation can be used to provide the Maven
coordinates of one or more dependencies that should be resolved and
added to the class path. Such additions are added to the start of
the class path so that they override any existing dependency that
contains the same classes.
Closes gh-6520
This commit adds an extra property to the `server.tomcat.accesslog` to
control the `reqestAttributesEnabled` flag. This flag sets request
attributes for IP address, Hostname, protocol and port used for the
request.
Closes gh-7367
Previously, we just waited for the file to exist before trying to read
the port from it. This left a window where the file existed but its
contents had not be written which could result in a
NumberFormatException.
This commit now waits for the file to have a length that is greater
than zero.
See gh-7379
Previously, remote DevTools only correctly supported modifying
existing classes. New classes that were added would be missed, and
deleted classes could cause a failure as they would be found by
component scanning but hidden by RestartClassLoader.
This commit introduces a DevTools-specific ResourcePatternResolver
that is installed as the application context's resource loader. This
custom resolver is aware of the files that have been added and
deleted and modifies the result returned from getResource and
getResources accordingly.
New intergration tests have been introduced to verify DevTools'
behaviour. The tests cover four scenarios:
- Adding a new controller
- Removing an existing controller
- Adding a request mapping to a controller
- Removing a request mapping from a controller
These four scenarios are tested with:
- DevTools updating a local application
- DevTools updating a remote application packaged in a jar file
- DevTools updating a remote application that's been exploded
Closes gh-7379
Add `content-security-policy` and `content-security-policy-mode`
`security.header` properties and update auto-configuration to apply
them when specified.
Fixes gh-7373
Closes gh-7357
Make `ErrorPageFilter#getDescription` `protected` instead of `private`
to be able to customize the details for the request logged in case of
an error.
Fixes gh-7380
Closes gh-7393
Andy Wilkinson
Stephane Nicoll
Gary Russell
Phillip Webb
Madhura Bhave
Quentin Caillard
Marius Bogoevici
Christoffer Sawicki
Stéphane Daviet