Commit Graph

958 Commits

Author SHA1 Message Date
Sam Brannen 725292081e Introduce 'value' alias for 'attribute' in @AliasFor
SPR-11512 introduced support for annotation attribute aliases via
@AliasFor, requiring the explicit declaration of the 'attribute'
attribute. However, for aliases within an annotation, this explicit
declaration is unnecessary.

This commit improves the readability of alias pairs declared within an
annotation by introducing a 'value' attribute in @AliasFor that is an
alias for the existing 'attribute' attribute. This allows annotations
such as @ContextConfiguration from the spring-test module to declare
aliases as follows.

public @interface ContextConfiguration {

     @AliasFor("locations")
     String[] value() default {};

     @AliasFor("value")
     String[] locations() default {};

    // ...
}

Issue: SPR-13289
2015-07-29 15:27:06 +02:00
Juergen Hoeller e1a0c50046 Revised UriComponentsBuilder assertions
Issue: SPR-13257
2015-07-29 12:39:41 +02:00
Juergen Hoeller d83735694e Polishing 2015-07-28 12:15:48 +02:00
Sam Brannen b6c0e7cba3 Remove trailing whitespace in Java source code 2015-07-27 12:40:54 +02:00
Juergen Hoeller efd7f9bf72 Polishing 2015-07-24 18:24:19 +02:00
Sam Brannen 2afbfb2c0d Polishing 2015-07-23 13:32:26 +02:00
Brian Clozel 43e36e2dee Improve DateHeaders in MockServletRequest/Response
Prior to this change, calling the `setDateHeader` method on a
Spring Test MockHttpServletResponse instance would just store the given
long value in a Map, not writing it as a formatted date String.
Also, calling `getDateHeader` on a MockHttpServletRequest would not
support date strings and could not parse those values.

This can be problematic when testing features related to date headers
such as "Expires", "If-Modified-Since", "Last-Modified", etc.

This commit adds formatting and parsing capabilities to Servlet Mocks
for date strings in HTTP headers.

When formatting dates to Strings, the date format used is the one
preferred by the HTTP RFC. When parsing date Strings, multiple date
formats are supported for better compatibility.

Issue: SPR-11912
2015-07-23 11:12:28 +02:00
Juergen Hoeller f06581f5b8 Polishing 2015-07-22 14:20:12 +02:00
Juergen Hoeller 8196af4bc5 UriComponentsBuilder.fromUriString accepts empty URIs
Issue: SPR-13257
2015-07-22 14:17:16 +02:00
Brian Clozel 27bd8d0374 Polish documentation on HTTP date formats 2015-07-22 11:40:05 +02:00
Juergen Hoeller edd6e76b9f Polishing 2015-07-21 22:58:34 +02:00
Juergen Hoeller 1a636b1023 Polishing 2015-07-21 20:33:13 +02:00
Sam Brannen 6b84c332fd Polishing 2015-07-21 15:13:21 +02:00
Brian Clozel 088a50c1fb Improve setDateHeader impl in MockServletResponse
Prior to this change, calling the `setDateHeader` method on a
MockHttpServletResponse instance (internal implementation for testing
the spring-web module) would just store the given long value in a Map,
not writing it as a formatted date String.

This can be problematic when testing features related to date headers
such as "Expires", "If-Modified-Since", "Last-Modified", etc.

This commit formats long dates into date Strings using the date format
recommended by the RFC and the GMT time zone.
2015-07-21 14:28:44 +02:00
Brian Clozel dba46c1358 Partial revert of SPR-13090
Use ServletHttpResponse.setDateHeader whenever possible and avoid using
SimpleDateFormat.
2015-07-20 22:48:20 +02:00
Sebastien Deleuze 57d55ddd56 Polish CorsFilter Javadoc 2015-07-20 11:14:37 +02:00
Sebastien Deleuze 70a03ee2a4 Rename CorsConfigurationMapping to UrlBasedCorsConfigurationSource
Issue: SPR-13192
2015-07-20 10:47:24 +02:00
Sam Brannen e9f64cf9ae Sync Servlet mocks between spring-test & spring-web 2015-07-19 20:23:51 +02:00
Sam Brannen 9124907b29 Polish and simplify Jackson2ObjectMapperFactoryBeanTests 2015-07-19 19:29:12 +02:00
Sam Brannen 5f3506ae8f Suppress build warnings in tests 2015-07-19 19:28:16 +02:00
Juergen Hoeller 203f1225c3 Polishing 2015-07-17 15:25:43 +02:00
Juergen Hoeller 9de824b73d AllEncompassingFormHttpMessageConverter registers MappingJackson2XmlHttpMessageConverter and GsonHttpMessageConverter (for consistency with RestTemplate and WebMvcConfigurationSupport)
Issue: SPR-13240
2015-07-17 15:24:12 +02:00
Juergen Hoeller 2934256257 Polishing 2015-07-15 00:08:11 +02:00
Juergen Hoeller f4f508d869 Revisit date-time tests for compatibility with JDK 9 build 72
Issue: SPR-13232
2015-07-14 23:58:30 +02:00
Stephane Nicoll de6bbe7797 Handle null header value property
When using an Apache Http components based infrastructure, a null header
value is handled as the empty string. The exact same infrastructure using
HttpURLConnection generates a header with no colon. This is actually not
proper HTTP and some components fail to read such request.

We now make sure to call HttpURLConnection#addRequestProperty with the
empty String for a null header value.

Issue: SPR-13225
2015-07-14 10:34:28 +02:00
Juergen Hoeller 1fcd465f2d DelegatingFilterProxy autodetects a unique DispatcherServlet context
Issue: SPR-13191
2015-07-13 21:34:07 +02:00
Juergen Hoeller 8fdbf4285b Jackson2ObjectMapperBuilder prefers Jackson 2.6 JavaTimeModule over JSR310Module
Issue: SPR-13212
2015-07-13 17:41:57 +02:00
Sebastien Deleuze 84138abfd1 Avoid rejecting same-origin requests detected as CORS requests
Browsers like Chrome or Safari include an Origin header for same-origin
POST/PUT/DELETE requests, not only for cross-origin requests.

Before this commit, these same-origin requests would have been detected
as potential cross-origin requests, and rejected if the same-origin domain
is not part of the configured allowedOrigins.

This commit avoid to reject same-origin requests by reusing the logic
introduced in Spring 4.1 for detecting reliably Websocket/SockJS
same-origin requests with the WebUtils.isValidOrigin() method. This
logic has been extracted in a new WebUtils.isSameOrigin() method.

Issue: SPR-13206
2015-07-13 10:59:19 +02:00
Sebastien Deleuze 882fe129f3 Polish CORS support 2015-07-10 16:42:50 +02:00
Sebastien Deleuze cd9b3903a7 Introduce CorsFilter and CorsConfigurationMapping
This commit introduces the following changes:
 - The new CorsConfigurationMapping class allows to share the mapped
   CorsConfiguration logic between AbstractHandlerMapping and CorsFilter
 - In AbstractHandlerMapping, the Map<String, CorsConfiguration>
   corsConfiguration property has been renamed to corsConfigurations
 - CorsFilter allows to process CORS requests at filter level, using any
   CorsConfigurationSource implementation (for example
   CorsConfigurationMapping)

Issue: SPR-13192
2015-07-09 22:19:46 +02:00
Sebastien Deleuze dd16f64998 Polish @CrossOrigin javadoc 2015-07-07 10:01:22 +02:00
Sebastien Deleuze 8ee0e78980 Add Access-Control-Request-Method check for CORS preflight requests
Issue: SPR-13193
2015-07-07 09:34:39 +02:00
Sebastien Deleuze aea23e42c7 Polish 2015-07-07 09:26:06 +02:00
Rossen Stoyanchev 0d1b7fd14f Fix RequestPartServletServerHttpRequest encoding issue
When using Appache Commons FileUpload, multi parts with binary data
(i.e. that are not actual files) are saved and then accessed as
String request parameters.

Before this change however the RequestPartServletServerHttpRequest
used a fixed encoding (UTF-8) while the parsing code in
CommonsFileUploadSupport/Resolver used the encoding from the
content-type header, or the request, or the FileUpload component.

This change does a best effort to determine the encoding of the
request parameter using a similar algorithm as the parsing side
that should work the same unless the encoding comes from the
FileUpload component which is not accessible.

Issue: SPR-13096
2015-07-07 00:47:06 -04:00
Sam Brannen 0f7fc12569 Clean up warnings in spring-web 2015-07-06 18:30:20 +02:00
Juergen Hoeller 23124d106b CommonsMultipartResolver allows for specifying max upload size per file
Issue: SPR-13200
2015-07-06 14:01:51 +02:00
Juergen Hoeller f0c6bff82a MultipartFile interface extends InputStreamSource
Issue: SPR-11861
2015-07-06 13:53:35 +02:00
Brian Clozel 85a80e2a94 Fix error message typo in ShallowEtagHeaderFilter
Issue: SPR-13194
2015-07-03 21:40:48 +02:00
Rossen Stoyanchev 749bee4d58 Polish tests 2015-06-30 12:16:22 -04:00
Juergen Hoeller 265cd2ad1e Javadoc fine-tuning for 4.2 2015-06-30 18:02:42 +02:00
Juergen Hoeller 0411435bac XML parsing tests pass on non-English locales now, plus a revised exception message and some minor polishing
Issue: SPR-13136
(cherry picked from commit 38b8262e1e)
2015-06-30 17:16:45 +02:00
Rossen Stoyanchev d79ec68db4 Disable DTD when parsing untrusted XML input
Issue: SPR-13136
2015-06-30 07:50:21 -04:00
Juergen Hoeller 4facb2fc22 ContentCachingResponseWrapper defensively applies content length in case of sendError/sendRedirect
Issue: SPR-13004
2015-06-30 12:45:43 +02:00
Juergen Hoeller dc1f921f5c Split between basic MethodParameter and SynthesizingMethodParameter
This split avoids a package tangle (between core and core.annotation) and also allows for selective use of raw annotation exposure versus synthesized annotations, with the latter primarily applicable to web and message handler processing at this point.

Issue: SPR-13153
2015-06-30 00:02:02 +02:00
Brian Clozel 39d689da0c Fix conditional requests support for HttpEntity
Prior to this commit, `HttpEntityMethodProcessor` would rely on
`ServletWebRequest` to process conditional requests and with incoming
`"If-Modified-Since"` / `"If-None-Match"` request headers.

This approach is problematic since in that class:

* response is wrapped in a `ServletServerHttpResponse`
* this wrapped response does not write response headers right away
* `ServletWebRequest.checkNotModified` methods can't apply their
logic with incomplete response headers

This solution adds some minimal code duplication and applies
the conditional request logic within the Processor.

A possible alternative would be to improve the
`ServletServerHttpResponse$ServletResponseHttpHeaders` implementation
with write methods - but this solution would only work for Servlet 3.x
applications.

Issue: SPR-13090
2015-06-29 16:47:27 +02:00
Juergen Hoeller a5349eb2f8 Base64Utils falls back to JAXB DatatypeConverter for String-based encoding
Issue: SPR-12938
2015-06-26 22:06:13 +02:00
Sam Brannen 8416752645 Polish Javadoc for MVC parameter binding annotations 2015-06-26 16:14:06 +02:00
Sebastien Deleuze 89cc8e0401 Restore compatibility with Jackson 2.1
Issue: SPR-12501
2015-06-26 02:18:29 +02:00
Sebastien Deleuze 3bff7bd895 Serialize with type only with jackson 2.6+
Previous Jackson versions do not serialize polymorphic collections correctly
when the type is specified.

Issue: SPR-12811
2015-06-26 02:15:37 +02:00
Sebastien Deleuze 289f35da3a Call type aware canWrite() when using a GenericHttpMessageConverter
This commit introduces the following changes:
 - In AbstractMessageConverterMethodProcessor, the type aware variant of
   canWrite() is now called when the converter implements
   GenericHttpMessageConverter.
 - The Javadoc has been updated in GenericHttpMessageConverter to make it clear
   that the type aware canRead() and canWrite() methods should perform the same
   checks than non type aware ones.
  - AbstractGenericHttpMessageConverter now implements default type aware
    canRead() and canWrite() methods than just call the non type aware variants.
    Due to this, if subclasses just override the non type aware variants,
    they still have the right behavior.

Issue: SPR-13161
2015-06-25 15:02:33 +02:00
Sam Brannen 89e504c2f1 Uses Charset instead of String in MimeType.equals()
Prior to this commit, Spring's MimeType checked for equality between
two MIME types based on the equality of their properties maps; however,
the properties maps contain string representations of the "charset"
values. Thus, "UTF-8" is never equal to "utf-8" which breaks the
contract for character set names which must be compared in a
case-insensitive manner.

This commit addresses this issue by ensuring that "charset" properties
in MimeType instances are compared as Java Charset instances, thereby
ignoring case when checking for equality between charset names.

Issue: SPR-13157
2015-06-23 22:30:25 +02:00
Sam Brannen 75fe61843a Fix broken (Async)RestTemplate integration tests
Issue: SPR-13157
2015-06-23 15:15:09 +02:00
Sebastien Deleuze 31a5434ea4 Make @ResponseBody method return type available for message converters
This commit adds canWrite() and write() methods to the
GenericHttpMessageConverter interface. These are type aware variants
of the methods available in HttpMessageConverter, in order to keep
parametrized type information when serializing objects.

AbstractMessageConverterMethodProcessor now calls those type aware
methods when the message converter implements GenericHttpMessageConverter.

AbstractJackson2HttpMessageConverter and GsonHttpMessageConverter uses
these new methods to make @ResponseBody method return type available
for type resolution instead of just letting the JSON serializer trying
to guess the type to use from the object to serialize.

Issue: SPR-12811
2015-06-22 17:05:45 +02:00
Sam Brannen de9f27872e Polish CORS support classes
- Simplified "check" algorithms in CorsConfiguration

- Improved robustness of setter methods in CorsConfiguration in order to
  avoid attempts to modify immutable lists

- Improved CORS documentation and fixed typo

- Introduced constants in CorsConfiguration

- Removed auto-boxing in CorsRegistration
2015-06-20 16:12:18 +02:00
Sam Brannen 078d252d1e Delete trailing whitespace in Java source code 2015-06-19 17:09:52 +02:00
Sebastien Deleuze 1e39a18819 Polish 2015-06-18 18:04:29 +02:00
Rossen Stoyanchev 042519043f Update Javadoc on @ResponseStatus
Issue: SPR-11193
2015-06-17 17:23:31 -04:00
Rossen Stoyanchev 210e10c657 Add AsyncHandlerMethodReturnValueHandler
Before this change HandlerMethodReturnValueHandler's were invoked in a
specific order (type-based, annotation-based, custom). However handlers
that deal with asynchronous return value handling need to always be
considered first. This affects custom handlers in particular since they
are normally ordered last.

This change introduces an AsyncHandlerMethodReturnValueHandler
sub-interface with a single method to determine if the return value is
asynchronous and if it is to look for a matching handler only among
those that are of type AsyncHandlerMethodReturnValueHandler.

Issue: SPR-13083
2015-06-16 08:48:56 -04:00
Sebastien Deleuze 8187833502 Change default JSON prefix from "{} && " to ")]}', "
Issue: SPR-13078
2015-06-16 11:30:07 +02:00
Juergen Hoeller ce7cc79e9f Polishing 2015-06-16 00:18:45 +02:00
Juergen Hoeller 2bed89340b Supply body for POST/PUT/PATCH tests (for OkHttp 2.4 compatibility) 2015-06-16 00:16:33 +02:00
Rossen Stoyanchev 4b05bda0bf Missing path variable is now a 500 error
Before this change a missing path variable value resulted in a 400
error where in fact the error is due to a mismatch between the
declared @PathVariable and the URI template, i.e. a 500 error.

This change introduced a MissingPathVariableException as a sub-class
of ServletRequestBindingException (the exception previously thrown)
and results in a response status code of 500 by default.

Issue: SPR-13121
2015-06-15 16:09:19 -04:00
izeye bd0ca70a2c Add missing super in test
Closes gh-814
2015-06-15 18:16:10 +02:00
Stephane Nicoll 5236eb6b63 Allow default settings of a custom HttpAsyncClient to apply
This is a rework of 71783c5 for SPR-12540 for the async extension that
was not merging the internal RequestConfig as it should.

Issue: SPR-13125
2015-06-15 18:13:07 +02:00
Stephane Nicoll 95acf8c989 Remove references to codehaus.org
Issue: SPR-13129
2015-06-15 15:44:29 +02:00
Sam Brannen 2b339db53b Polish @CrossOrigin
- origin --> origins
- method --> methods
- constants are now actually constant (i.e., static final)
2015-06-13 17:09:58 +02:00
Brian Clozel 0175068cab Improve Last-Modified & ETag support
Prior to this change, the `"Last-Modified"` and "`Etag`" support had
been improved with SPR-11324: HTTP response headers are now
automatically added for conditional requests and more.

This commit fixes the format of the "`Last-Modified`" and "`ETag`"
values, which were using an epoch timestamp rather than an HTTP-date
format defined in RFC 7231 section 7.1.1.1.

Also, Conditional responses are only applied when the given response
applies, i.e. when it has an compatible HTTP status (2xx).

Issue: SPR-13090
2015-06-11 14:46:14 +02:00
Juergen Hoeller ad55687627 Polishing 2015-06-11 12:33:30 +02:00
Juergen Hoeller 32b9ea9e9f WebAsyncUtils avoids reflection for creating StandardServletAsyncWebRequest
Issue: SPR-13112
2015-06-11 10:13:51 +02:00
Rossen Stoyanchev 9712a32c46 Allow setting timeout in ResponseBodyEmitter
Issue: SPR-13104
2015-06-10 14:47:24 -04:00
Arjen Poutsma 4611d058c8 Support Forwarded-Header in UriComponentsBuilder
This commit introduces support for RFC 7239: Forwarded HTTP Extension in
the UriComponentsBuilder. Unfortunately, RFC 7239 is not a complete
replacement for the X-Forwarded-* headers: specifically, there is not
direct replacement for X-Forwarded-Port. The JIRA contains more
information.

Issue: SPR-11856
2015-06-10 11:48:12 -04:00
Sebastien Deleuze 15da5efc86 Fix combining class and method level @CrossOrigin attributes
Issue: SPR-13097
2015-06-05 15:32:58 +02:00
Juergen Hoeller d195ad216a Polishing 2015-06-04 23:27:40 +02:00
Sam Brannen 1a56b47502 Introduce alias for 'value' attribute in @MatrixVariable
Issue: SPR-11393
2015-05-31 18:50:35 +02:00
Sam Brannen 60eb9e9ca2 Introduce 'value' alias for 'origin' in @CrossOrigin
Issue: SPR-11393
2015-05-31 18:34:01 +02:00
Sam Brannen f0c0813011 Change semantics of @CrossOrigin's maxAge regarding negative values 2015-05-31 18:20:52 +02:00
Sam Brannen 891d41c005 Fix typo in Javadoc 2015-05-31 18:13:57 +02:00
Sam Brannen 1b5947bf88 Polish Javadoc for @CrossOrigin 2015-05-31 17:44:45 +02:00
Sam Brannen 9ce7485237 Introduce alias for 'value' attribute in @SessionAttributes
Issue: SPR-11393
2015-05-31 17:21:03 +02:00
Sam Brannen 6a5b2672e7 Introduce alias for 'value' attribute in @ResponseStatus
Issue: SPR-11393
2015-05-31 17:00:23 +02:00
Sam Brannen c55486d5d5 Introduce alias for 'value' attribute in @RequestPart
Issue: SPR-11393
2015-05-31 16:32:45 +02:00
Sam Brannen 034e0e2cf4 Introduce alias for 'value' attribute in @RequestParam
Issue: SPR-11393
2015-05-31 16:20:38 +02:00
Sam Brannen 25a5d9d759 Introduce alias for 'value' attribute in @RequestHeader
Issue: SPR-11393
2015-05-31 16:20:33 +02:00
Sam Brannen c4c3ce796a Introduce alias for 'value' attribute in @CookieValue
Issue: SPR-11393
2015-05-31 16:07:27 +02:00
Sam Brannen 7018747cec Remove trailing whitespace in Java source code 2015-05-29 02:03:44 +02:00
Juergen Hoeller c622f4c487 Polishing 2015-05-23 22:24:10 +02:00
Juergen Hoeller 92bf32b9be Polishing 2015-05-23 20:04:48 +02:00
Juergen Hoeller 05d475a275 Polishing 2015-05-22 23:50:47 +02:00
Juergen Hoeller 5f60d700a1 Reordered Jackson initialization steps and restored HandlerInstantiator else block 2015-05-22 23:50:39 +02:00
Sam Brannen ca66e076d1 Support annotation attribute aliases and overrides via @AliasFor
This commit introduces first-class support for aliases for annotation
attributes. Specifically, this commit introduces a new @AliasFor
annotation that can be used to declare a pair of aliased attributes
within a single annotation or an alias from an attribute in a custom
composed annotation to an attribute in a meta-annotation.

To support @AliasFor within annotation instances, AnnotationUtils has
been overhauled to "synthesize" any annotations returned by "get" and
"find" searches. A SynthesizedAnnotation is an annotation that is
wrapped in a JDK dynamic proxy which provides run-time support for
@AliasFor semantics. SynthesizedAnnotationInvocationHandler is the
actual handler behind the proxy.

In addition, the contract for @AliasFor is fully validated, and an
AnnotationConfigurationException is thrown in case invalid
configuration is detected.

For example, @ContextConfiguration from the spring-test module is now
declared as follows:

    public @interface ContextConfiguration {

        @AliasFor(attribute = "locations")
        String[] value() default {};

        @AliasFor(attribute = "value")
        String[] locations() default {};

        // ...
    }

The following annotations and their related support classes have been
modified to use @AliasFor.

- @ManagedResource
- @ContextConfiguration
- @ActiveProfiles
- @TestExecutionListeners
- @TestPropertySource
- @Sql
- @ControllerAdvice
- @RequestMapping

Similarly, support for AnnotationAttributes has been reworked to
support @AliasFor as well. This allows for fine-grained control over
exactly which attributes are overridden within an annotation hierarchy.
In fact, it is now possible to declare an alias for the 'value'
attribute of a meta-annotation.

For example, given the revised declaration of @ContextConfiguration
above, one can now develop a composed annotation with a custom
attribute override as follows.

    @ContextConfiguration
    public @interface MyTestConfig {

        @AliasFor(
           annotation = ContextConfiguration.class,
           attribute = "locations"
        )
        String[] xmlFiles();

        // ...
    }

Consequently, the following are functionally equivalent.

- @MyTestConfig(xmlFiles = "test.xml")
- @ContextConfiguration("test.xml")
- @ContextConfiguration(locations = "test.xml").

Issue: SPR-11512, SPR-11513
2015-05-22 00:01:07 +02:00
Stephane Nicoll 3d86f15a84 Merge BeanWrapperImpl and DirectFieldAccessor
`BeanWrapperImpl` and `DirectFieldAccessor` are two
`ConfigurablePropertyAccessor` implementations with different features
set.

This commit harmonizes the two implementations to use a common base class
that delegates the actual property handling to the sub-classes:

* `BeanWrapperImpl`:  `PropertyDescriptor` and introspection utilities
* `DirectFieldAccessor`: reflection on `java.lang.Field`

Issues: SPR-12206 - SPR-12805
2015-05-21 13:49:55 +02:00
Rossen Stoyanchev 1ba0625cd9 Add baseUrl to DefaultUriTemplateHandler
Issue: SPR-13035
2015-05-20 15:12:32 -04:00
Juergen Hoeller b4095c3e1d Class identity comparisons wherever possible
Issue: SPR-12926
2015-05-20 14:34:16 +02:00
Stephane Nicoll cf391f5ce1 polish
Remove unused imports
2015-05-19 08:49:01 +02:00
Rossen Stoyanchev 6468aa775c Polish
Issue: SPR-12893
2015-05-18 16:48:05 -04:00
Luciano Leggieri 69fc2a8ab2 Support OkHttp as (Async)ClientHttpRequestFactory
This commit introduces support for OkHttp
(http://square.github.io/okhttp/) as a backing implementation for
ClientHttpRequestFactory and AsyncClientHttpRequestFactory.

Issue: SPR-12893
2015-05-18 16:48:05 -04:00
Rossen Stoyanchev 5e8d838334 CORS-related refinements
After this change CorsProcessor has a single processRequest method and
it also explicitly deals with a null CorsConfiguration, which for
pre-flight requests results in a rejection while for simple requests
results in no CORS headers added.

The AbstractHandlerMapping now uses a LinkedHashMap to preserve the
order in which global patterns are provided.
2015-05-18 12:20:54 -04:00
Arjen Poutsma 441ed801d9 Javadoc 2015-05-18 13:48:07 +02:00
Arjen Poutsma a76bbae51d Javadoc 2015-05-18 10:46:38 +02:00
Sebastien Deleuze 49fff7513d Add global CORS configuration capabilities
This commit adds JavaConfig based global CORS configuration
capabilities to Spring MVC. It is now possible to specify
multiple CORS configurations, each mapped on a path pattern,
by overriding
WebMvcConfigurerAdapter#configureCrossOrigin(CrossOriginConfigurer).

It is also possible to combine global and @CrossOrigin based
CORS configuration.

Issue: SPR-12933
2015-05-16 00:52:51 +02:00
Rossen Stoyanchev ca410fea53 Add component-neutral encode option in UriUtils
Issue: SPR-12750, SPR-12942
2015-05-14 14:51:13 -04:00
Rossen Stoyanchev 3e59c244f9 Add UriTemplateHandler
This change introduces a strategy for expanding a URI template into a
URI and makes it a property of the RestTemplate and AsyncRestTemplate
so that they can be pre-configured with such a strategy.

The DefaultUriTemplateHandler relies on UriComponentsBuilder internally
and provides functionality equivalent to using the UriTemplate.
A DefaultUriTemplateHandler can also be configured to parse the path
of a URI template into path segments in order to allow expanding URI
variables according to path segment encoding rules.

Issue: SPR-12750
2015-05-14 14:50:00 -04:00
Rossen Stoyanchev 2c408b7069 Revert change to support {/...} var syntax
Issue: SPR-12750
2015-05-14 10:06:33 -04:00
Juergen Hoeller 00147379f9 Polishing
(cherry picked from commit 9e925aa)
2015-05-11 22:22:23 +02:00
Juergen Hoeller 0d2859c99b Javadoc fixes
(cherry picked from commit a8f7539)
2015-05-11 22:01:23 +02:00
Juergen Hoeller 64a01d64c5 Polishing 2015-05-11 14:42:45 +02:00
Juergen Hoeller cf0a916793 Consistent non-public AsyncRequestInterceptor classes
Issue: SPR-11694
2015-05-09 18:05:31 +02:00
Juergen Hoeller 1cc042d4c7 Polishing 2015-05-07 16:03:15 +02:00
Sebastien Deleuze 5465506fdd Register automatically Jackson's JDK 8 module when available
Issue: SPR-12983
2015-05-07 14:43:06 +02:00
Rossen Stoyanchev 8853107f76 Find CORS config by HandlerMethod
Before this change AbstractHandlerMethodMapping used a map from Method
to CorsConfiguration. That works for regular @RequestMapping methods.
However frameworks like Spring Boot and Spring Integration may
programmatically register the same Method under multiple mappings,
i.e. adapter/gateway type classes.

This change ensures that CorsConfiguraiton is indexed by HandlerMethod
so that we can store CorsConfiguration for different handler instances
even when the method is the same.

In order for to make this work, HandlerMethod now provides an
additional field called resolvedFromHandlerMethod that returns the
original HandlerMethod (with the String bean name). This makes it
possible to  perform reliable lookups.

Issue: SPR-11541
2015-05-05 12:56:07 -04:00
Sam Brannen 572cbb0821 Consistently supply test name to @Parameters 2015-05-05 14:07:00 +02:00
Rossen Stoyanchev e306098155 Encapsulate CORS checking within CorsConfiguration
CorsConfiguration now provides methods to check and determine the
allowed origin, method, and headers according to its own configuration.

This simplifies significantly the work that needs to be done from
DefaultCorsProcessor. However an alternative CorsProcessor can still
access the raw CorsConfiguration and perform its own checks.

Issue: SPR-12885
2015-05-05 09:31:41 +02:00
Sebastien Deleuze 83f269b512 Make DefaultCorsProcessor Servlet 2.5 compliant
This commit adds CORS related headers to HttpHeaders
and update DefaultCorsProcessor implementation to
use ServerHttpRequest and ServerHttpResponse instead
of HttpServletRequest and HttpServletResponse. Usage
of ServerHttpResponse allows to avoid using Servlet 3.0
specific methods in order keep CORS support Servlet 2.5
compliant.

Issue: SPR-12885
2015-05-05 09:31:41 +02:00
Rossen Stoyanchev a274ede3ef Polish HierarchicalUriComponents 2015-05-04 11:46:29 -04:00
Rossen Stoyanchev 49e90575e9 Disable ShallowEtagHeaderFilter for HTTP streaming
Issue: SPR-12960
2015-05-04 06:08:25 -04:00
Rossen Stoyanchev 68ecb92d1f Allow "ws" and "wss" for isValidCorsOrigin checks
Issue: SPR-12956
2015-05-04 06:08:25 -04:00
Rossen Stoyanchev 8376e1eca1 Support @RequestMapping as meta-annotation
Issue: SPR-12296
2015-04-24 10:33:44 -04:00
Sebastien Deleuze 5b0a0f4db5 Support CompletableFuture as alternative to DeferredResult in MVC
Issue: SPR-12597
2015-04-20 14:19:31 +02:00
Juergen Hoeller 10a51a4f19 InvocableHandlerMethod logs argument resolution exceptions at debug level
Issue: SPR-12925
2015-04-16 20:26:11 +02:00
Juergen Hoeller fafb823e8d Polishing 2015-04-15 15:13:42 +02:00
Juergen Hoeller af272c2124 HttpEntity and its subclasses insist on same target type for equality
Issue: SPR-12910
2015-04-15 14:58:16 +02:00
Rossen Stoyanchev b18053f93a Fix failing test
The onFailure callback and future.get() occur in different threads so
this change adds a latch to ensure we have both before asserting.

Issue: SPR-12887
2015-04-13 15:31:35 -04:00
Rossen Stoyanchev 8ff7cc73bc Try defaulContentType for application/octet-stream
AbstractHttpMessageConverter now tries to call getDefaultContentType
with the actual value to be converted to see if that will result in
a more concrete mediat type than application/octet-stream.

Issue: SPR-12894
2015-04-13 14:31:25 -04:00
Arjen Poutsma b119a9c82c FutureAdapter should wrap RuntimeExceptions
RuntimeExceptions thrown from FutureAdapter.adapt() should be wrapped in
an ExecutionException, not thrown as is.

Issue: SPR-12887
2015-04-10 12:52:15 +02:00
Rossen Stoyanchev b6449baaa6 List all unsatisfied request param groups
Issue: SPR-12854
2015-04-06 23:33:56 -04:00
Rossen Stoyanchev 6f5359e40c Enrich TypeMismatchException for controller method args
Issue: SPR-10153
2015-04-06 22:36:54 -04:00
Rossen Stoyanchev eb8c253499 Fix failing tests 2015-04-03 12:26:17 -04:00
Rossen Stoyanchev 452c3230cc Polishing 2015-04-03 10:56:51 -04:00
Sebastien Deleuze b0e1e66b7f Add CORS support
This commit introduces support for CORS in Spring Framework.

Cross-origin resource sharing (CORS) is a mechanism that allows
many resources (e.g. fonts, JavaScript, etc.) on a web page to
be requested from another domain outside the domain from which
the resource originated. It is defined by the CORS W3C
recommandation (http://www.w3.org/TR/cors/).

A new annotation @CrossOrigin allows to enable CORS support
on Controller type or method level. By default all origins
("*") are allowed.

@RestController
public class SampleController {

	@CrossOrigin
	@RequestMapping("/foo")
	public String foo() {
		// ...
	}
}

Various @CrossOrigin attributes allow to customize the CORS configuration.

@RestController
public class SampleController {

	@CrossOrigin(origin = { "http://site1.com", "http://site2.com" },
				 allowedHeaders = { "header1", "header2" },
				 exposedHeaders = { "header1", "header2" },
				 method = RequestMethod.DELETE,
				 maxAge = 123, allowCredentials = "true")
	@RequestMapping(value = "/foo", method = { RequestMethod.GET, RequestMethod.POST} )
	public String foo() {
		// ...
	}
}

A CorsConfigurationSource interface can be implemented by HTTP request
handlers that want to support CORS by providing a CorsConfiguration
that will be detected at AbstractHandlerMapping level. See for
example ResourceHttpRequestHandler that implements this interface.

Global CORS configuration should be supported through ControllerAdvice
(with type level @CrossOrigin annotated class or class implementing
CorsConfigurationSource), or with XML namespace and JavaConfig
configuration, but this is not implemented yet.

Issue: SPR-9278
2015-04-02 16:12:11 +02:00
Sebastien Deleuze 35f40ae654 Add @JsonView deserialization support for request bodies
Jackson 2.5.0 or later is required.

Issue: SPR-12501
2015-04-02 12:05:45 +02:00
Sebastien Deleuze ca06582f2a Support Jackson @JsonFilter
This commit adds a filters property to MappingJacksonValue
and also manages a special FilterProvider class name model key in
order to be able to specify a customized FilterProvider for each
handler method execution, and thus provides a more dynamic
alternative to our existing JsonView support.

A filters property is also now available in Jackson2ObjectMapperBuilder
and Jackson2ObjectMapperFactoryBean in order to set easily a
global FilterProvider.

More details about @JsonFilter at
http://wiki.fasterxml.com/JacksonFeatureJsonFilter.

Issue: SPR-12586
2015-04-02 11:23:18 +02:00
Juergen Hoeller 514eb4281c Polishing 2015-04-01 17:23:45 +02:00
Arjen Poutsma caee78aee3 Netty4ClientHttpRequest ignores query params
Before this commit, Netty4ClientHttpRequest ignored query parameters
(?foo=bar). This commit fixes that.

Issue: SPR-12779
2015-04-01 13:08:56 +02:00
Rossen Stoyanchev 3a8a28beec Consolidate partialPaths under FullPathComposite 2015-03-31 21:34:39 -04:00
Arjen Poutsma 7668ea1549 Support {/...} patterns in UriComponents(Builder)
This commit introduces support for "Path Segment URI Variable
expansion", see https://tools.ietf.org/html/rfc6570#section-3.2.6.
In practice, this means that URI template variables prefixed with a '/'
are treated like path segments and - as such - will encode any '/'
found. For example: {/foo} expanded with "bar/baz" with result in
"bar%2F".

Issue: SPR-12750
2015-03-31 21:34:39 -04:00
Juergen Hoeller 39bc8b7992 AbstractContextLoaderInitializer and AbstractDispatcherServletInitializer support ApplicationContextInitializers now
Issue: SPR-12430
2015-03-31 17:21:57 +02:00
Juergen Hoeller d05fc2ed9c CookieGenerator explicitly sets 'secure' and 'httpOnly' flags in removeCookie as well
Issue: SPR-12865
2015-03-31 09:59:55 +02:00
Juergen Hoeller beae336627 Polishing 2015-03-25 15:22:41 +01:00
Juergen Hoeller d23893fd25 Consistent javadoc param declarations for type variables 2015-03-25 00:44:01 +01:00
Juergen Hoeller c8cc8b7cbd Removed outdated references to Servlet 2.3/2.4
(cherry picked from commit 673dac5)
2015-03-24 21:24:12 +01:00
Rossen Stoyanchev 44e8f7b333 Revert "Support {/var} syntax in UriComponentsBuilder"
This reverts commit a57d42829c after the
realization of a weaknesses with the proposed approach.

For example if a path segment contains both a /-prefixed and a regular
URI variable, there is no way to split that into a sequence of path
and path segments. The solution will have to be on the side of
UriComponents at the time of encoding.
2015-03-23 16:44:03 -04:00
Rossen Stoyanchev 95f6e4cc9b Support StreamingResponseBody return value type
Issue: SPR-12831
2015-03-23 15:38:52 -04:00
Brian Clozel f9ce11eef8 Provide controller level Cache-Control support
Prior to this commit, Cache-Control HTTP headers could be set using
a WebContentInterceptor and configured cache mappings.

This commit adds support for cache-related HTTP headers at the controller
method level, by returning a ResponseEntity instance:

ResponseEntity.status(HttpStatus.OK)
    .cacheControl(CacheControl.maxAge(1, TimeUnit.HOURS).cachePublic())
    .eTag("deadb33f8badf00d")
    .body(entity);

Also, this change now automatically checks the "ETag" and
"Last-Modified" headers in ResponseEntity, in order to respond HTTP
"304 - Not Modified" if necessary.

Issue: SPR-8550
2015-03-23 18:05:14 +01:00
Brian Clozel 38f32e3816 Improve HTTP caching flexiblity
This commit improves HTTP caching defaults and flexibility in
Spring MVC.

1) Better default caching headers

The `WebContentGenerator` abstract class has been updated with
better HTTP defaults for HTTP caching, in line with current
browsers and proxies implementation (wide support of HTTP1.1, etc);
depending on the `setCacheSeconds` value:

* sends "Cache-Control: max-age=xxx" for caching responses and
do not send a "must-revalidate" value by default.
* sends "Cache-Control: no-store" or "Cache-Control: no-cache"
in order to prevent caching

Other methods used to set specific header such as
`setUseExpiresHeader` or `setAlwaysMustRevalidate` are now deprecated
in favor of `setCacheControl` for better flexibility.
Using one of the deprecated methods re-enables previous HTTP caching
behavior.

This change is applied in many Handlers, since
`WebContentGenerator` is extended by `AbstractController`,
`WebContentInterceptor`, `ResourceHttpRequestHandler` and others.

2) New CacheControl builder class

This new class brings more flexibility and allows developers
to set custom HTTP caching headers.

Several strategies are provided:

* `CacheControl.maxAge(int)` for caching responses with a
"Cache-Control: max-age=xxx" header
* `CacheControl.noStore()` prevents responses from being cached
with a "Cache-Control: no-store" header
* `CacheControl.noCache()` forces caches to revalidate the cached
response before reusing it, with a "Cache-Control: no-store" header.

From that point, it is possible to chain method calls to craft a
custom CacheControl instance:

```
CacheControl cc = CacheControl.maxAge(1, TimeUnit.HOURS)
    .cachePublic().noTransform();
```

3) Configuring HTTP caching in Resource Handlers

On top of the existing ways of configuring caching mechanisms,
it is now possible to use a custom `CacheControl` to serve
resources:

```
@Configuration
public class MyWebConfig extends WebMvcConfigurerAdapter {

  @Override
  public void addResourceHandlers(ResourceHandlerRegistry registry) {
    CacheControl cc = CacheControl.maxAge(1, TimeUnit.HOURS);
    registry.addResourceHandler("/resources/**)
            .addResourceLocations("classpath:/resources/")
            .setCacheControl(cc);
  }
}
```

or

```
<mvc:resources mapping="/resources/**" location="classpath:/resources/">
  <mvc:cachecontrol max-age="3600" cache-public="true"/>
</mvc:resources>
```

Issue: SPR-2779, SPR-6834, SPR-7129, SPR-9543, SPR-10464
2015-03-23 18:01:04 +01:00
Markus Malkusch 953608ec49 Improve ETag & Last-Modifed support in WebRequest
This change improves the following use cases with
`WebRequest.checkNotModified(String etag)` and
`WebRequest.checkNotModified(long lastModifiedTimeStamp)`:

1) Allow weak comparisons for ETags

Per rfc7232 section-2.3, ETags can be strong or weak;
this change allows comparing weak forms `W/"etagvalue"` but does
not make a difference between strong and weak comparisons.

2) Allow multiple ETags in client requests

HTTP clients can send multiple ETags values in a single header such as:
`If-None-Match: "firstvalue", "secondvalue"`
This change makes sure each value is compared to the one provided by
the application side.

3) Extended support for ETag values

This change adds padding `"` to the ETag value provided by
the application, if not already done:
`etagvalue` => `"etagvalue"`

It also supports wildcard values `*` that can be sent by HTTP clients.

4) Sending validation headers for 304 responses

As defined in https://tools.ietf.org/html/rfc7232#section-4.1
`304 Not Modified` reponses must generate `Etag` and `Last-Modified`
HTTP headers, as they would have for a `200 OK` response.

5) Providing a new method to validate both Etag & Last-Modified

Also, this change adds a new method
`WebRequest.checkNotModified(String etag, long lastModifiedTimeStamp)`
in order to support validation of both `If-None-Match` and
`Last-Modified` headers sent by HTTP clients, if both values are
supported by the application code.

Even though this approach is recommended by the HTTP rfc (setting both
Etag and Last-Modified headers in the response), this requires more
application logic and may not apply to all resources produced by the
application.

Issue: SPR-11324
2015-03-23 17:36:06 +01:00
Juergen Hoeller 56273a8ff3 Polishing 2015-03-21 01:19:01 +01:00
Rossen Stoyanchev f06dffb714 Improve MockHttpServletRequest/Response charset parsing
Issue: SPR-12677
2015-03-20 16:12:46 -04:00
Rossen Stoyanchev a57d42829c Support {/var} syntax in UriComponentsBuilder
Issue: SPR-12750
2015-03-20 15:35:43 -04:00
Rossen Stoyanchev 6a96c26dd4 Add HttpRange tests, set Accept-Range header, polish
Issue: SPR-10805
2015-03-20 15:35:43 -04:00
Arjen Poutsma da48739628 Support byte ranges in ResourceHttpRequestHandler
This commit introduces support for HTTP byte ranges in the
ResourceHttpRequestHandler. This support consists of a number of
changes:

- Parsing of HTTP Range headers in HttpHeaders, using a new HttpRange
  class and inner ByteRange/SuffixByteRange subclasses.
- MIME boundary generation moved from FormHttpMessageConverter to
  MimeTypeUtils.
- writePartialContent() method introduced in ResourceHttpRequestHandler,
  handling the byte range logic
- Additional partial content tests added to
  ResourceHttpRequestHandlerTests.

Issue: SPR-10805
2015-03-20 15:35:43 -04:00
Rossen Stoyanchev 0e7eecfe34 Add copyToUriComponentsBuilder method
After this change UriComponentsBuilder#uriComponents method no longer
no longer copies from the given UriComponents but rather lets the
UriComponents instance copy itself to the UriComponentsBuilder.

This avoids the need for instanceof checks and also makes it possible
to distinguish between path and path segments, which otherwise is
internal knowledge of UriComponentsBuilder.

Issue: SPR-12742
2015-03-20 15:35:43 -04:00
Juergen Hoeller 898c24fcdd Optimized access to resolved bean type (avoiding BeanFactory locks)
Revised HandlerMethod.getBeanType() impl for both web and messaging.
In addition, HandlerMethods get created with the internal BeanFactory now.

Issue: SPR-12832
2015-03-20 17:35:44 +01:00
Juergen Hoeller 370e3a52bf HttpComponentsClientHttpRequestFactory supports plain HttpClient (i.e. non-CloseableHttpClient implementations) as well
Issue: SPR-12826
2015-03-17 21:24:51 +01:00
Rossen Stoyanchev febcd0c46d Add baseUrl overloaded MvcUriComponentsBuilder methods
Issue: SPR-12800
2015-03-16 20:45:01 -04:00
Juergen Hoeller 162ee36700 Polishing 2015-03-16 21:01:28 +01:00
Juergen Hoeller abd7052b16 ContentCachingRequestWrapper converts IOException to IllegalStateException
Issue: SPR-12810
(cherry picked from commit ce84faf)
2015-03-13 20:20:51 +01:00
Juergen Hoeller bc6a98c144 Polishing (in particular updating javadoc references to Apache Commons) 2015-03-13 18:19:10 +01:00
Rossen Stoyanchev 69b3e00215 Support comma-separated X-Forwarded-Proto
Issue: SPR-12816
2015-03-13 13:02:52 -04:00
Brian Clozel c6250f5164 Fix InputStream caching in ContentCachingReqWrapper
Prior to this commit, the ContentCachingRequestWrapper would immediately
consume the wrapped request's InputStream when asked for the cached
content; that caused several issues:

* the request body was read in memory even if it wasn't yet consumed by
the application, leading to inefficiencies.
* when requesting the InputStream, an empty InputStream was returned
since the original was already read.

This case only happened for form POSTs requests.

This commit makes sure that the wrapper does not alter the request
expected behavior:

* when getting the inputstream, it is wrapped in order to cache its
content
* when getting request parameters, the request body is cached and its
inputstream is consumed, as expected

Issue: SPR-12810
2015-03-13 16:07:20 +01:00
Rossen Stoyanchev 88a14488a1 Support comma-separated X-Forwarded-Port
Issue: SPR-12813
2015-03-13 09:56:43 -04:00
Rossen Stoyanchev 624790a520 Move X-Forwarded-* tests to UriComponentsBuilderTests 2015-03-13 09:33:21 -04:00
Juergen Hoeller 73e8021e59 ResponseEntity's headers(HttpHeaders) accepts null value
Issue: SPR-12792
2015-03-10 15:11:58 +01:00
Juergen Hoeller 5ba7b89e29 StandardMultipartFile declares itself as Serializable now
Issue: SPR-12795
2015-03-10 15:10:15 +01:00
Sam Brannen d90cee78ef Remove trailing whitespace in source code 2015-03-07 21:16:18 +01:00
Rossen Stoyanchev b7dd520784 Fix formatting 2015-03-05 22:50:48 -05:00
Arjen Poutsma 8ab2e47556 HttpMessageConverters should support streaming
All HttpMessageConverters should support StreamingHttpOutputMessage.
Specifically, the BufferedImageHttpMessageConverter and
FormHttpMessageConverter should do so.

Issue: SPR-12715
2015-03-05 22:50:48 -05:00
Rossen Stoyanchev d64c48ff5f UriComponentsBuilder.fromHttpRequest sets port correctly
Issue: SPR-12771
2015-03-05 21:52:27 -05:00
Juergen Hoeller b541fc9366 Polishing 2015-03-05 18:56:57 +01:00
Juergen Hoeller ee74fe6c27 Latest dependency updates (HttpClient 4.4, TestNG 6.8.21, SnakeYAML 1.15, FreeMarker 2.3.22, JRuby 1.7.19, JAMon 2.81, JiBX 1.2.6, XMLUnit 1.6, JsonPath 1.2) 2015-03-02 20:00:17 +01:00
Stephane Nicoll babbf6e871 Harmonize resources location
Issue: SPR-12766
2015-02-28 10:32:40 +01:00
Juergen Hoeller 594a14ab25 RestTemplate avoids use of warn level for response errors
Protected handleResponse method replaces former private logResponseStatus/handleResponseError methods.

Issue: SPR-12760
2015-02-27 22:28:07 +01:00
Arjen Poutsma e24ebd6dbb Add connect/read timeout to Netty RequestFactory
Added connectTimeout and readTimeout properties to the
Netty4ClientHttpRequestFactory.

Issue: SPR-12612
2015-02-27 11:44:27 -05:00
Juergen Hoeller cc33d3fac8 Polishing 2015-02-25 19:05:06 +01:00
Brian Clozel 1705930c8e Merge pull request #735 from rjozwik/fix-huc-is-reserved
Fix reserved set definition according to appendix A of RFC 3986
2015-02-23 10:09:23 +01:00
Juergen Hoeller 7191050e26 Revised common validation methods in AbstractMessageConverterMethodArgumentResolver
The protected validation methods are analogous to ModelAttributeMethodProcessor now.

Issue: SPR-12655
2015-02-19 23:37:07 +01:00
Sebastien Deleuze 90e6304b49 Adjust log level for invalid SockJS or Websocket requests 2015-02-19 16:52:19 +01:00
Sebastien Deleuze 40cbede7f3 Improve error handling in WebUtils.isValidOrigin()
With this commit, WebUtils.isValidOrigin() logs an error message instead
of throwing an IllegalArgumentException when Origin header value is
invalid (for example when it does not contain the scheme).

Issue: SPR-12697
2015-02-19 16:51:58 +01:00
Juergen Hoeller 2135e70f36 Polishing 2015-02-18 17:59:32 +01:00
Juergen Hoeller 0c15a54007 Polishing 2015-02-18 16:45:16 +01:00
Sebastien Deleuze 6062e15572 Change SockJS and Websocket default allowedOrigins to same origin
This commit adds support for a same origin check that compares
Origin header to Host header. It also changes the default setting
from all origins allowed to only same origin allowed.

Issues: SPR-12697, SPR-12685
2015-02-18 09:30:15 +01:00
Juergen Hoeller 77fcf21401 Refined Jackson configuration enhancements
Issue: SPR-12594
Issue: SPR-12634
2015-02-11 20:37:04 +01:00
Radosław Józwik 6d734f2340 Fix reserved set definition according to appendix A of RFC 3986
I have signed and agree to the terms of the SpringSource Individual
Contributor License Agreement.
2015-02-10 23:17:59 +01:00
Juergen Hoeller f58abd3d9a Polishing (forward-ported from 4.1.x) 2015-02-10 23:04:12 +01:00
Juergen Hoeller 058714b03a Polishing 2015-02-10 19:30:59 +01:00
Juergen Hoeller 7585be85f3 Revised validation javadoc, plus protected validate/isBindingErrorFatal template methods
Issue: SPR-12655
2015-02-10 19:28:30 +01:00
Rossen Stoyanchev f84c458aba Add fromHttpRequest to UriComponentsBuilder
Before this change, detection of X-Forwarded-* headers was only built
into ServletUriComponentsBuilder.

This change adds a new method for creating a UriComponentsBuilder from
an existing HttpRequest. This is equivalent to the fromUri method +
X-Forwarded-* header values.
2015-02-10 06:53:14 +01:00
Sebastien Deleuze b215d4c29e Add modulesToInstall(Modules...) to Jackson builder
This commit also adds a modules(Module...) method in addition to
modules(List<Module> modules) in order to be consistent with other
parts of the API.

Issue: SPR-12634
2015-02-03 11:58:21 +01:00
Rossen Stoyanchev 78f3a3cb11 Update javadoc for MultipartFile.transferTo
Issue: SPR-12650
2015-02-02 17:29:39 -05:00
Rossen Stoyanchev fd426aaa4d Update Netty4ClientHttpRequestFactory buffer size
Before this change, the maxRequestSize property was used (incorrectly)
to limit both the size of the request and response. The change:

- removes maxRequestSize and therefore no longer places limits on the
size of the request thus matching to AbstractBufferingClientHttpRequest
which is the base class for other buffering client implementations.

- adds maxResponseSize property required to create Netty's
HttpObjectAggregator for aggregating responses.

Issue: SPR-12623
2015-02-02 15:50:22 -05:00
Rossen Stoyanchev a32b5e61d0 Add support for Server-Sent Events
This commit adds ResponseBodyEmitter and SseEmitter (and also
ResponseEntity<ResponseBodyEmitter> and ResponseEntity<SseEmitter>) as
new return value types supported on @RequestMapping controller methods.

See Javadoc on respective types for more details.

Issue: SPR-12212
2015-01-29 17:55:09 -05:00
Sebastien Deleuze ccb1c13951 Use UTC timezone in Jackson builder and factory tests
Issue: SPR-12634
2015-01-26 15:59:15 +01:00
Brian Clozel cf86ecddb5 Avoid loss of body content in AbstractRequestLoggingFilter
Prior to this commit, the `ContentCachingRequestWrapper` class would
cache the response content only if the reponse would be consumed using
its InputStream. In case of a Form request, Spring MVC consumes the
response using the `getParameter*` Servlet API methods. This causes the
cached content to never be written.

This commit makes the `ContentCachingResponseWrapper` write the request
body to the cache buffer by using the `getParameter*` API, thus avoiding
those issues.

Issue: SPR-7913
2015-01-26 11:41:34 +01:00
Sebastien Deleuze 5fb6d6d89c Allow Jackson builder modules configuration to be customized
Modules (well-known or user provided) registration is now performed
first in order to allow their configuration to be customized by more
specific ones like custom serializers or deserializers.

Issue: SPR-12634
2015-01-26 11:08:08 +01:00
Juergen Hoeller d4dac250a8 AbstractRequestLoggingFilter allows for dedicated shouldLog check in CommonsRequestLoggingFilter
Issue: SPR-12609
2015-01-20 16:01:53 +01:00
Sebastien Deleuze bf7a9754d5 Avoid using Java 8 ZoneId class
Issue: SPR-12594
2015-01-20 15:24:55 +01:00
Sebastien Deleuze b89e62e5f6 Support specifying Jackson TimeZone and Locale
Issue: SPR-12594
2015-01-20 14:57:14 +01:00
Sam Brannen c50df0c420 Polish MessageBodyClientHttpResponseWrapper
Added missing copyright clause and fixed @since version.
2015-01-08 18:02:00 +01:00
Brian Clozel b6675b6167 Revisit empty body response support in HTTP client
Prior to this commit, HTTP responses without body (response status 204
or 304, Content-Length: 0) were handled properly by RestTemplates. But
some other cases were not properly managed, throwing exceptions for
valid HTTP responses.

This commit better handles HTTP responses, using a response wrapper that
can tell if a response:

* has no message body (HTTP status 1XX, 204, 304 or Content-Length:0)
* has an empty message body

This covers rfc7230 Section 3.3.3.

Issue: SPR-8016
2015-01-08 17:34:39 +01:00
Craig Andrews 213a3fd779 Performance improvements in ShallowEtagHeaderFilter
Prior to this change, the ShallowEtagHeaderFilter would use a
ResizableByteArrayOutputStream to internally write data and calculate
the ETag. While that implementation is faster than the regular
ByteArrayOutputStream (since it has a better strategy for growing the
internal buffer), a lot of buffer copying/writing still happens.

This change adds a new FastByteArrayOutputStream implementation that
internally uses a LinkedList<Byte[]> to store the content. So when
writing bytes to that OutputStream implementation, new byte[] are
added to the list when the previous ones are full. This saves most
of the instantiating/copying operations.

Note that new methods were added in DigestUtils to allow usage of
Streams instead of byte[], which is more efficient in our case.

Fixes #653

Issue: SPR-12081
2015-01-08 16:08:09 +01:00
Stephane Nicoll bce145c06e Merged HttpClient defaults with local customizations
Update HttpComponents wrapper to merge local customizations with the
default of the current HttpClient instead of overriding everything.

This is available as from HttpComponents 4.4. that exposes the default
request config from the  client via the Configurable interface. If the
client does not implement such interface, the previous behaviour is
applied

Issue: SPR-12583
2015-01-05 14:28:47 +01:00