|
|
|
@ -399,7 +399,7 @@ implementations is ignored. |
|
|
|
|
In <<mvc-config>> you'll learn about other options for configuring Spring MVC including |
|
|
|
|
MVC Java config and the MVC XML namespace both of which provide a simple starting point |
|
|
|
|
and assume little knowledge of how Spring MVC works. Regardless of how you choose to |
|
|
|
|
configure your application, the concepts explained in this section are fundamental |
|
|
|
|
configure your application, the concepts explained in this section are fundamental and |
|
|
|
|
should be of help to you. |
|
|
|
|
|
|
|
|
|
|
|
|
|
@ -972,7 +972,7 @@ are effective at preventing RFD attacks. |
|
|
|
|
|
|
|
|
|
For comprehensive protection against RFD, prior to rendering the response body |
|
|
|
|
Spring MVC adds a `Content-Disposition:inline;filename=f.txt` header to |
|
|
|
|
suggest a fixed and safe download file filename. This is done only if the URL |
|
|
|
|
suggest a fixed and safe download file. This is done only if the URL |
|
|
|
|
path contains a file extension that is neither whitelisted nor explicitly |
|
|
|
|
registered for content negotiation purposes. However it may potentially have |
|
|
|
|
side effects when URLs are typed directly into a browser. |
|
|
|
@ -1295,7 +1295,7 @@ The following are the supported method arguments: |
|
|
|
|
|
|
|
|
|
* Request or response objects (Servlet API). Choose any specific request or response |
|
|
|
|
type, for example `ServletRequest` or `HttpServletRequest`. |
|
|
|
|
* Session object (Servlet API): of type `HttpSession`. An argument of this type enforces |
|
|
|
|
* Session object (Servlet API) of type `HttpSession`. An argument of this type enforces |
|
|
|
|
the presence of a corresponding session. As a consequence, such an argument is never |
|
|
|
|
`null`. |
|
|
|
|
|
|
|
|
@ -1396,7 +1396,7 @@ this working you have to reorder the parameters as follows: |
|
|
|
|
[NOTE] |
|
|
|
|
==== |
|
|
|
|
JDK 1.8's `java.util.Optional` is supported as a method parameter type with annotations |
|
|
|
|
that have a `required` attribute (e.g. `@RequestParam`, `@RequestHeader`, etc. The use |
|
|
|
|
that have a `required` attribute (e.g. `@RequestParam`, `@RequestHeader`, etc). The use |
|
|
|
|
of `java.util.Optional` in those cases is equivalent to having `required=false`. |
|
|
|
|
==== |
|
|
|
|
|
|
|
|
@ -1537,7 +1537,7 @@ the MVC namespace or the MVC Java config see <<mvc-config-enable>> instead. |
|
|
|
|
<ref bean="stringHttpMessageConverter"/> |
|
|
|
|
<ref bean="marshallingHttpMessageConverter"/> |
|
|
|
|
</util:list> |
|
|
|
|
</property |
|
|
|
|
</property> |
|
|
|
|
</bean> |
|
|
|
|
|
|
|
|
|
<bean id="stringHttpMessageConverter" |
|
|
|
@ -1624,7 +1624,7 @@ so: |
|
|
|
|
---- |
|
|
|
|
@RequestMapping("/something") |
|
|
|
|
public ResponseEntity<String> handle(HttpEntity<byte[]> requestEntity) throws UnsupportedEncodingException { |
|
|
|
|
String requestHeader = requestEntity.getHeaders().getFirst("MyRequestHeader")); |
|
|
|
|
String requestHeader = requestEntity.getHeaders().getFirst("MyRequestHeader"); |
|
|
|
|
byte[] requestBody = requestEntity.getBody(); |
|
|
|
|
|
|
|
|
|
// do something with request header and body |
|
|
|
@ -2655,7 +2655,7 @@ The following example shows how to configure an interceptor: |
|
|
|
|
<bean class="example.MyInterceptor"/> |
|
|
|
|
</property> |
|
|
|
|
</bean> |
|
|
|
|
<beans> |
|
|
|
|
</beans> |
|
|
|
|
---- |
|
|
|
|
|
|
|
|
|
|
|
|
|
|