Fix HandlerMappingIntrospector uri matching

Prior to this commit, the `HandlerMappingIntrospector` would comparea request with a cached request by using `String#matches` on their String URI. This could lead to `PatternSyntaxException` exceptions at runtime if the request URI contained pattern characters. This commit fixes this typo to use `String#equals` instead. Fixes gh-31937
2024-01-04 16:44:00 +01:00 · 2024-01-04 16:44:00 +01:00 · 7c9307e970
parent 4f599b7396
commit 7c9307e970
2 changed files with 8 additions and 7 deletions
--- a/spring-webmvc/src/main/java/org/springframework/web/servlet/handler/HandlerMappingIntrospector.java
+++ b/spring-webmvc/src/main/java/org/springframework/web/servlet/handler/HandlerMappingIntrospector.java
@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2023 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -399,7 +399,7 @@ public class HandlerMappingIntrospector

 		public boolean matches(HttpServletRequest request) {
 			return (this.dispatcherType.equals(request.getDispatcherType()) &&
-					this.requestURI.matches(request.getRequestURI()));
+					this.requestURI.equals(request.getRequestURI()));
 		}

 		@Nullable
--- a/spring-webmvc/src/test/java/org/springframework/web/servlet/handler/HandlerMappingIntrospectorTests.java
+++ b/spring-webmvc/src/test/java/org/springframework/web/servlet/handler/HandlerMappingIntrospectorTests.java
@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2023 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -204,15 +204,16 @@ public class HandlerMappingIntrospectorTests {
 		assertThat(corsConfig.getAllowedMethods()).isEqualTo(Collections.singletonList("POST"));
 	}

-	@Test
-	void cacheFilter() throws Exception {
+	@ParameterizedTest
+	@ValueSource(strings = {"/test", "/resource/1234****"}) // gh-31937
+	void cacheFilter(String uri) throws Exception {
 		CorsConfiguration corsConfig = new CorsConfiguration();
 		TestMatchableHandlerMapping mapping = new TestMatchableHandlerMapping();
-		mapping.registerHandler("/test", new TestHandler(corsConfig));
+		mapping.registerHandler("/*", new TestHandler(corsConfig));

 		HandlerMappingIntrospector introspector = initIntrospector(mapping);

-		MockHttpServletRequest request = new MockHttpServletRequest("GET", "/test");
+		MockHttpServletRequest request = new MockHttpServletRequest("GET", uri);
 		MockHttpServletResponse response = new MockHttpServletResponse();

 		MockFilterChain filterChain = new MockFilterChain(