Commit Graph

672 Commits

Author SHA1 Message Date
Juergen Hoeller beae336627 Polishing 2015-03-25 15:22:41 +01:00
Juergen Hoeller d23893fd25 Consistent javadoc param declarations for type variables 2015-03-25 00:44:01 +01:00
Juergen Hoeller c8cc8b7cbd Removed outdated references to Servlet 2.3/2.4
(cherry picked from commit 673dac5)
2015-03-24 21:24:12 +01:00
Rossen Stoyanchev 44e8f7b333 Revert "Support {/var} syntax in UriComponentsBuilder"
This reverts commit a57d42829c after the
realization of a weaknesses with the proposed approach.

For example if a path segment contains both a /-prefixed and a regular
URI variable, there is no way to split that into a sequence of path
and path segments. The solution will have to be on the side of
UriComponents at the time of encoding.
2015-03-23 16:44:03 -04:00
Rossen Stoyanchev 95f6e4cc9b Support StreamingResponseBody return value type
Issue: SPR-12831
2015-03-23 15:38:52 -04:00
Brian Clozel f9ce11eef8 Provide controller level Cache-Control support
Prior to this commit, Cache-Control HTTP headers could be set using
a WebContentInterceptor and configured cache mappings.

This commit adds support for cache-related HTTP headers at the controller
method level, by returning a ResponseEntity instance:

ResponseEntity.status(HttpStatus.OK)
    .cacheControl(CacheControl.maxAge(1, TimeUnit.HOURS).cachePublic())
    .eTag("deadb33f8badf00d")
    .body(entity);

Also, this change now automatically checks the "ETag" and
"Last-Modified" headers in ResponseEntity, in order to respond HTTP
"304 - Not Modified" if necessary.

Issue: SPR-8550
2015-03-23 18:05:14 +01:00
Brian Clozel 38f32e3816 Improve HTTP caching flexiblity
This commit improves HTTP caching defaults and flexibility in
Spring MVC.

1) Better default caching headers

The `WebContentGenerator` abstract class has been updated with
better HTTP defaults for HTTP caching, in line with current
browsers and proxies implementation (wide support of HTTP1.1, etc);
depending on the `setCacheSeconds` value:

* sends "Cache-Control: max-age=xxx" for caching responses and
do not send a "must-revalidate" value by default.
* sends "Cache-Control: no-store" or "Cache-Control: no-cache"
in order to prevent caching

Other methods used to set specific header such as
`setUseExpiresHeader` or `setAlwaysMustRevalidate` are now deprecated
in favor of `setCacheControl` for better flexibility.
Using one of the deprecated methods re-enables previous HTTP caching
behavior.

This change is applied in many Handlers, since
`WebContentGenerator` is extended by `AbstractController`,
`WebContentInterceptor`, `ResourceHttpRequestHandler` and others.

2) New CacheControl builder class

This new class brings more flexibility and allows developers
to set custom HTTP caching headers.

Several strategies are provided:

* `CacheControl.maxAge(int)` for caching responses with a
"Cache-Control: max-age=xxx" header
* `CacheControl.noStore()` prevents responses from being cached
with a "Cache-Control: no-store" header
* `CacheControl.noCache()` forces caches to revalidate the cached
response before reusing it, with a "Cache-Control: no-store" header.

From that point, it is possible to chain method calls to craft a
custom CacheControl instance:

```
CacheControl cc = CacheControl.maxAge(1, TimeUnit.HOURS)
    .cachePublic().noTransform();
```

3) Configuring HTTP caching in Resource Handlers

On top of the existing ways of configuring caching mechanisms,
it is now possible to use a custom `CacheControl` to serve
resources:

```
@Configuration
public class MyWebConfig extends WebMvcConfigurerAdapter {

  @Override
  public void addResourceHandlers(ResourceHandlerRegistry registry) {
    CacheControl cc = CacheControl.maxAge(1, TimeUnit.HOURS);
    registry.addResourceHandler("/resources/**)
            .addResourceLocations("classpath:/resources/")
            .setCacheControl(cc);
  }
}
```

or

```
<mvc:resources mapping="/resources/**" location="classpath:/resources/">
  <mvc:cachecontrol max-age="3600" cache-public="true"/>
</mvc:resources>
```

Issue: SPR-2779, SPR-6834, SPR-7129, SPR-9543, SPR-10464
2015-03-23 18:01:04 +01:00
Markus Malkusch 953608ec49 Improve ETag & Last-Modifed support in WebRequest
This change improves the following use cases with
`WebRequest.checkNotModified(String etag)` and
`WebRequest.checkNotModified(long lastModifiedTimeStamp)`:

1) Allow weak comparisons for ETags

Per rfc7232 section-2.3, ETags can be strong or weak;
this change allows comparing weak forms `W/"etagvalue"` but does
not make a difference between strong and weak comparisons.

2) Allow multiple ETags in client requests

HTTP clients can send multiple ETags values in a single header such as:
`If-None-Match: "firstvalue", "secondvalue"`
This change makes sure each value is compared to the one provided by
the application side.

3) Extended support for ETag values

This change adds padding `"` to the ETag value provided by
the application, if not already done:
`etagvalue` => `"etagvalue"`

It also supports wildcard values `*` that can be sent by HTTP clients.

4) Sending validation headers for 304 responses

As defined in https://tools.ietf.org/html/rfc7232#section-4.1
`304 Not Modified` reponses must generate `Etag` and `Last-Modified`
HTTP headers, as they would have for a `200 OK` response.

5) Providing a new method to validate both Etag & Last-Modified

Also, this change adds a new method
`WebRequest.checkNotModified(String etag, long lastModifiedTimeStamp)`
in order to support validation of both `If-None-Match` and
`Last-Modified` headers sent by HTTP clients, if both values are
supported by the application code.

Even though this approach is recommended by the HTTP rfc (setting both
Etag and Last-Modified headers in the response), this requires more
application logic and may not apply to all resources produced by the
application.

Issue: SPR-11324
2015-03-23 17:36:06 +01:00
Juergen Hoeller 56273a8ff3 Polishing 2015-03-21 01:19:01 +01:00
Rossen Stoyanchev f06dffb714 Improve MockHttpServletRequest/Response charset parsing
Issue: SPR-12677
2015-03-20 16:12:46 -04:00
Rossen Stoyanchev a57d42829c Support {/var} syntax in UriComponentsBuilder
Issue: SPR-12750
2015-03-20 15:35:43 -04:00
Rossen Stoyanchev 6a96c26dd4 Add HttpRange tests, set Accept-Range header, polish
Issue: SPR-10805
2015-03-20 15:35:43 -04:00
Arjen Poutsma da48739628 Support byte ranges in ResourceHttpRequestHandler
This commit introduces support for HTTP byte ranges in the
ResourceHttpRequestHandler. This support consists of a number of
changes:

- Parsing of HTTP Range headers in HttpHeaders, using a new HttpRange
  class and inner ByteRange/SuffixByteRange subclasses.
- MIME boundary generation moved from FormHttpMessageConverter to
  MimeTypeUtils.
- writePartialContent() method introduced in ResourceHttpRequestHandler,
  handling the byte range logic
- Additional partial content tests added to
  ResourceHttpRequestHandlerTests.

Issue: SPR-10805
2015-03-20 15:35:43 -04:00
Rossen Stoyanchev 0e7eecfe34 Add copyToUriComponentsBuilder method
After this change UriComponentsBuilder#uriComponents method no longer
no longer copies from the given UriComponents but rather lets the
UriComponents instance copy itself to the UriComponentsBuilder.

This avoids the need for instanceof checks and also makes it possible
to distinguish between path and path segments, which otherwise is
internal knowledge of UriComponentsBuilder.

Issue: SPR-12742
2015-03-20 15:35:43 -04:00
Juergen Hoeller 898c24fcdd Optimized access to resolved bean type (avoiding BeanFactory locks)
Revised HandlerMethod.getBeanType() impl for both web and messaging.
In addition, HandlerMethods get created with the internal BeanFactory now.

Issue: SPR-12832
2015-03-20 17:35:44 +01:00
Juergen Hoeller 370e3a52bf HttpComponentsClientHttpRequestFactory supports plain HttpClient (i.e. non-CloseableHttpClient implementations) as well
Issue: SPR-12826
2015-03-17 21:24:51 +01:00
Rossen Stoyanchev febcd0c46d Add baseUrl overloaded MvcUriComponentsBuilder methods
Issue: SPR-12800
2015-03-16 20:45:01 -04:00
Juergen Hoeller 162ee36700 Polishing 2015-03-16 21:01:28 +01:00
Juergen Hoeller abd7052b16 ContentCachingRequestWrapper converts IOException to IllegalStateException
Issue: SPR-12810
(cherry picked from commit ce84faf)
2015-03-13 20:20:51 +01:00
Juergen Hoeller bc6a98c144 Polishing (in particular updating javadoc references to Apache Commons) 2015-03-13 18:19:10 +01:00
Rossen Stoyanchev 69b3e00215 Support comma-separated X-Forwarded-Proto
Issue: SPR-12816
2015-03-13 13:02:52 -04:00
Brian Clozel c6250f5164 Fix InputStream caching in ContentCachingReqWrapper
Prior to this commit, the ContentCachingRequestWrapper would immediately
consume the wrapped request's InputStream when asked for the cached
content; that caused several issues:

* the request body was read in memory even if it wasn't yet consumed by
the application, leading to inefficiencies.
* when requesting the InputStream, an empty InputStream was returned
since the original was already read.

This case only happened for form POSTs requests.

This commit makes sure that the wrapper does not alter the request
expected behavior:

* when getting the inputstream, it is wrapped in order to cache its
content
* when getting request parameters, the request body is cached and its
inputstream is consumed, as expected

Issue: SPR-12810
2015-03-13 16:07:20 +01:00
Rossen Stoyanchev 88a14488a1 Support comma-separated X-Forwarded-Port
Issue: SPR-12813
2015-03-13 09:56:43 -04:00
Rossen Stoyanchev 624790a520 Move X-Forwarded-* tests to UriComponentsBuilderTests 2015-03-13 09:33:21 -04:00
Juergen Hoeller 73e8021e59 ResponseEntity's headers(HttpHeaders) accepts null value
Issue: SPR-12792
2015-03-10 15:11:58 +01:00
Juergen Hoeller 5ba7b89e29 StandardMultipartFile declares itself as Serializable now
Issue: SPR-12795
2015-03-10 15:10:15 +01:00
Sam Brannen d90cee78ef Remove trailing whitespace in source code 2015-03-07 21:16:18 +01:00
Rossen Stoyanchev b7dd520784 Fix formatting 2015-03-05 22:50:48 -05:00
Arjen Poutsma 8ab2e47556 HttpMessageConverters should support streaming
All HttpMessageConverters should support StreamingHttpOutputMessage.
Specifically, the BufferedImageHttpMessageConverter and
FormHttpMessageConverter should do so.

Issue: SPR-12715
2015-03-05 22:50:48 -05:00
Rossen Stoyanchev d64c48ff5f UriComponentsBuilder.fromHttpRequest sets port correctly
Issue: SPR-12771
2015-03-05 21:52:27 -05:00
Juergen Hoeller b541fc9366 Polishing 2015-03-05 18:56:57 +01:00
Juergen Hoeller ee74fe6c27 Latest dependency updates (HttpClient 4.4, TestNG 6.8.21, SnakeYAML 1.15, FreeMarker 2.3.22, JRuby 1.7.19, JAMon 2.81, JiBX 1.2.6, XMLUnit 1.6, JsonPath 1.2) 2015-03-02 20:00:17 +01:00
Stephane Nicoll babbf6e871 Harmonize resources location
Issue: SPR-12766
2015-02-28 10:32:40 +01:00
Juergen Hoeller 594a14ab25 RestTemplate avoids use of warn level for response errors
Protected handleResponse method replaces former private logResponseStatus/handleResponseError methods.

Issue: SPR-12760
2015-02-27 22:28:07 +01:00
Arjen Poutsma e24ebd6dbb Add connect/read timeout to Netty RequestFactory
Added connectTimeout and readTimeout properties to the
Netty4ClientHttpRequestFactory.

Issue: SPR-12612
2015-02-27 11:44:27 -05:00
Juergen Hoeller cc33d3fac8 Polishing 2015-02-25 19:05:06 +01:00
Brian Clozel 1705930c8e Merge pull request #735 from rjozwik/fix-huc-is-reserved
Fix reserved set definition according to appendix A of RFC 3986
2015-02-23 10:09:23 +01:00
Juergen Hoeller 7191050e26 Revised common validation methods in AbstractMessageConverterMethodArgumentResolver
The protected validation methods are analogous to ModelAttributeMethodProcessor now.

Issue: SPR-12655
2015-02-19 23:37:07 +01:00
Sebastien Deleuze 90e6304b49 Adjust log level for invalid SockJS or Websocket requests 2015-02-19 16:52:19 +01:00
Sebastien Deleuze 40cbede7f3 Improve error handling in WebUtils.isValidOrigin()
With this commit, WebUtils.isValidOrigin() logs an error message instead
of throwing an IllegalArgumentException when Origin header value is
invalid (for example when it does not contain the scheme).

Issue: SPR-12697
2015-02-19 16:51:58 +01:00
Juergen Hoeller 2135e70f36 Polishing 2015-02-18 17:59:32 +01:00
Juergen Hoeller 0c15a54007 Polishing 2015-02-18 16:45:16 +01:00
Sebastien Deleuze 6062e15572 Change SockJS and Websocket default allowedOrigins to same origin
This commit adds support for a same origin check that compares
Origin header to Host header. It also changes the default setting
from all origins allowed to only same origin allowed.

Issues: SPR-12697, SPR-12685
2015-02-18 09:30:15 +01:00
Juergen Hoeller 77fcf21401 Refined Jackson configuration enhancements
Issue: SPR-12594
Issue: SPR-12634
2015-02-11 20:37:04 +01:00
Radosław Józwik 6d734f2340 Fix reserved set definition according to appendix A of RFC 3986
I have signed and agree to the terms of the SpringSource Individual
Contributor License Agreement.
2015-02-10 23:17:59 +01:00
Juergen Hoeller f58abd3d9a Polishing (forward-ported from 4.1.x) 2015-02-10 23:04:12 +01:00
Juergen Hoeller 058714b03a Polishing 2015-02-10 19:30:59 +01:00
Juergen Hoeller 7585be85f3 Revised validation javadoc, plus protected validate/isBindingErrorFatal template methods
Issue: SPR-12655
2015-02-10 19:28:30 +01:00
Rossen Stoyanchev f84c458aba Add fromHttpRequest to UriComponentsBuilder
Before this change, detection of X-Forwarded-* headers was only built
into ServletUriComponentsBuilder.

This change adds a new method for creating a UriComponentsBuilder from
an existing HttpRequest. This is equivalent to the fromUri method +
X-Forwarded-* header values.
2015-02-10 06:53:14 +01:00
Sebastien Deleuze b215d4c29e Add modulesToInstall(Modules...) to Jackson builder
This commit also adds a modules(Module...) method in addition to
modules(List<Module> modules) in order to be consistent with other
parts of the API.

Issue: SPR-12634
2015-02-03 11:58:21 +01:00