Headings are optimized for how they appear in the left-hand side
navitation menu, with context provided by parent headings, and not
necessarily for how they read on their own.
At 2nd and 3rd level of nesting, which is where most headings are,
the wrapping becomes too distracting and the left-hand side navigation
sprawling.
This commit allows CorsConfiguration#combine()
to differentiate permit default values set by
CorsConfiguration#applyPermitDefaultValues()
from values configured explicitly by the user.
Those permit default values will be overridden
by any user-provided ones while user-provided values
will be combined in an additive way, including
when "*" is specified.
Documentation has been improved accordingly.
Issue: SPR-15772
- Add "Processing" section (also replaces Advanced Customizations)
- Add information on out-of-the-box behavior
- Add more deails on @CrossOririn default configuratio
- Add cross-references between Spring MVC and WebFlux
- Polish
Access-Control-Allow-Credentials CORS header, used to
allow cookies with CORS requests, is not set to true
anymore by default when enabling CORS with
@CrossOrigin or global CORS configuration in order to
provide a more secured default CORS configuration.
The related allowCredentials property now requires to
be set to true explicitly in order to support cookies
with CORS requests.
Issue: SPR-16130
This change allows much more usable TOC for the reactive
stack and will make WebFlux documentation easier to
contribute thanks to a clearer split between both stacks.
Issue: SPR-15149
Brian Clozel
Juergen Hoeller
Rossen Stoyanchev
Jay Bryant
Stephane Nicoll
sdeleuze