Prior to this commit, the `VersionResourceResolver` implementations
would write a strong ETag HTTP response header with the resolved version
of the resource (the actual value depending on the chosen strategy).
This approach doesn't work well when combined with HTTP compression.
Web servers disable HTTP response copression in the presence of strong
ETags since mutating the response body would break the contract.
This commit changes this semantic and ensures that weak ETags are used
instead.
Closes gh-24898
This commit makes the default ServerRequest implementation use a pre-
parsed path container, instead of parsing the path for each invocation
of pathContainer().
This commit changes the way RouterFunctions registered to the builder
are composed in both WebFlux.fn and WebMvc.fn.
Prior to this commit, all routes added to the build were composed with
`reduce`.
After this commit, all routes are stored in a special router function,
allowing for more efficient execution and smaller stack traces.
Closes gh-24652
Credentials are not enabled by default contrary to the javadocs.
The credentials support must be enabled via #allowCredentials.
Closes gh-24691
Co-authored-by: Martin Dindoffer <martin.dindoffer@sigp.eu>
This commit adds the checkNotModified method to ServerRequest in both
WebFlux.fn and WebMvc.fn. Unlike other checkNotModified methods found
in the framework, this method does not return a boolean, but rather
a response wrapped in a Mono/Optional. If the resource has
not been changed, the not-modified response can be returned directly;
if the resource has changed, the user can create a corresponding
response using switchIfEmpty/orElse(Get).
Closes gh-24173
These calls were added in error when trying to fix#22797 and #23775.
They are not needed in 304 scenarios. Those have no response content and
are skipped by ShallowETagHeaderFilter based on the status.
This leaves disableContentCaching invoked only in streaming scenarios,
which was the original intent and should be the only reason for that
method.
See gh-24635
The attribute was previously removed only before exception resolution
in the DispatcherServlet in order to allow error rendering to make an
independent choice on content negotation.
However, Boot rendering happens later in an ERROR dispatch which could
also be a nested dispatch on some servers. So the attribute must also
generally be removed prior to mapping.
We also move the methods where this is done to the base
RequestMappingInfoHandlerMapping class which also deals with the
produces condition and where the producible attribute is added in the
first place.
Closes gh-24466
As per the Javadoc of ConcurrentHashMap its computeIfAbsent
implementation is atomic and hence already synchronized internally,
so we can remove the surrounding synchronization block.
See gh-24470
This commit deprecates PathExtensionContentNegotiationStrategy and
ServletPathExtensionContentNegotiationStrategy and also updates code
that depends on them internally to remove that dependence.
See gh-24179
This commit updates CORS support in order to check Origin header
in CorsUtils#isPreFlightRequest which does not change how Spring
MVC or WebFlux process CORS request but is more correct in term
of behavior since it is a public API potentially used in another
contexts.
It also removes an unnecessary check in
AbstractHandlerMethodMapping#hasCorsConfigurationSource and processes
every preflight request with PreFlightHandler.
Closes gh-24327
When a request is mapped through a producible condition on an
@RequestMapping, then a failure to find a converter/decoder should be
a 500 because the return type + media type pair were declared by the
controller and that should be possible to render.
Closes gh-23287