diff --git a/spring-web/src/main/java/org/springframework/http/converter/json/MappingJackson2HttpMessageConverter.java b/spring-web/src/main/java/org/springframework/http/converter/json/MappingJackson2HttpMessageConverter.java index 4997b1609f..f96a113011 100644 --- a/spring-web/src/main/java/org/springframework/http/converter/json/MappingJackson2HttpMessageConverter.java +++ b/spring-web/src/main/java/org/springframework/http/converter/json/MappingJackson2HttpMessageConverter.java @@ -20,14 +20,6 @@ import java.io.IOException; import java.lang.reflect.Type; import java.nio.charset.Charset; -import com.fasterxml.jackson.core.JsonEncoding; -import com.fasterxml.jackson.core.JsonGenerator; -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.core.util.DefaultPrettyPrinter; -import com.fasterxml.jackson.databind.JavaType; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.fasterxml.jackson.databind.SerializationFeature; - import org.springframework.http.HttpInputMessage; import org.springframework.http.HttpOutputMessage; import org.springframework.http.MediaType; @@ -37,6 +29,14 @@ import org.springframework.http.converter.HttpMessageNotReadableException; import org.springframework.http.converter.HttpMessageNotWritableException; import org.springframework.util.Assert; +import com.fasterxml.jackson.core.JsonEncoding; +import com.fasterxml.jackson.core.JsonGenerator; +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.core.util.DefaultPrettyPrinter; +import com.fasterxml.jackson.databind.JavaType; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.fasterxml.jackson.databind.SerializationFeature; + /** * Implementation of {@link org.springframework.http.converter.HttpMessageConverter HttpMessageConverter} that * can read and write JSON using Jackson 2.x's {@link ObjectMapper}. @@ -61,7 +61,7 @@ public class MappingJackson2HttpMessageConverter extends AbstractHttpMessageConv private ObjectMapper objectMapper = new ObjectMapper(); - private boolean prefixJson = false; + private String jsonPrefix; private Boolean prettyPrint; @@ -97,15 +97,25 @@ public class MappingJackson2HttpMessageConverter extends AbstractHttpMessageConv return this.objectMapper; } + /** + * Specify a custom prefix to use for this view's JSON output. + * Default is none. + * @see #setPrefixJson + */ + public void setJsonPrefix(String jsonPrefix) { + this.jsonPrefix = jsonPrefix; + } + /** * Indicate whether the JSON output by this view should be prefixed with "{} &&". Default is false. *

Prefixing the JSON string in this manner is used to help prevent JSON Hijacking. * The prefix renders the string syntactically invalid as a script so that it cannot be hijacked. * This prefix does not affect the evaluation of JSON, but if JSON validation is performed on the * string, the prefix would need to be ignored. + * @see #setJsonPrefix */ public void setPrefixJson(boolean prefixJson) { - this.prefixJson = prefixJson; + this.jsonPrefix = prefixJson ? "{} && " : null; } /** @@ -194,7 +204,7 @@ public class MappingJackson2HttpMessageConverter extends AbstractHttpMessageConv } try { - if (this.prefixJson) { + if (this.jsonPrefix != null) { jsonGenerator.writeRaw("{} && "); } this.objectMapper.writeValue(jsonGenerator, object); diff --git a/spring-web/src/main/java/org/springframework/http/converter/json/MappingJacksonHttpMessageConverter.java b/spring-web/src/main/java/org/springframework/http/converter/json/MappingJacksonHttpMessageConverter.java index adf03b9b0b..bd3612134d 100644 --- a/spring-web/src/main/java/org/springframework/http/converter/json/MappingJacksonHttpMessageConverter.java +++ b/spring-web/src/main/java/org/springframework/http/converter/json/MappingJacksonHttpMessageConverter.java @@ -26,7 +26,6 @@ import org.codehaus.jackson.JsonProcessingException; import org.codehaus.jackson.map.ObjectMapper; import org.codehaus.jackson.map.SerializationConfig; import org.codehaus.jackson.type.JavaType; - import org.springframework.http.HttpInputMessage; import org.springframework.http.HttpOutputMessage; import org.springframework.http.MediaType; @@ -59,7 +58,7 @@ public class MappingJacksonHttpMessageConverter extends AbstractHttpMessageConve private ObjectMapper objectMapper = new ObjectMapper(); - private boolean prefixJson = false; + private String jsonPrefix; private Boolean prettyPrint; @@ -95,15 +94,25 @@ public class MappingJacksonHttpMessageConverter extends AbstractHttpMessageConve return this.objectMapper; } + /** + * Specify a custom prefix to use for this view's JSON output. + * Default is none. + * @see #setPrefixJson + */ + public void setJsonPrefix(String jsonPrefix) { + this.jsonPrefix = jsonPrefix; + } + /** * Indicate whether the JSON output by this view should be prefixed with "{} &&". Default is false. *

Prefixing the JSON string in this manner is used to help prevent JSON Hijacking. * The prefix renders the string syntactically invalid as a script so that it cannot be hijacked. * This prefix does not affect the evaluation of JSON, but if JSON validation is performed on the * string, the prefix would need to be ignored. + * @see #setJsonPrefix */ public void setPrefixJson(boolean prefixJson) { - this.prefixJson = prefixJson; + this.jsonPrefix = prefixJson ? "{} && " : null; } /** @@ -190,7 +199,7 @@ public class MappingJacksonHttpMessageConverter extends AbstractHttpMessageConve } try { - if (this.prefixJson) { + if (this.jsonPrefix != null) { jsonGenerator.writeRaw("{} && "); } this.objectMapper.writeValue(jsonGenerator, object); diff --git a/spring-webmvc/src/main/java/org/springframework/web/servlet/view/json/MappingJackson2JsonView.java b/spring-webmvc/src/main/java/org/springframework/web/servlet/view/json/MappingJackson2JsonView.java index f9ec842ef9..77ca202fab 100644 --- a/spring-webmvc/src/main/java/org/springframework/web/servlet/view/json/MappingJackson2JsonView.java +++ b/spring-webmvc/src/main/java/org/springframework/web/servlet/view/json/MappingJackson2JsonView.java @@ -142,7 +142,7 @@ public class MappingJackson2JsonView extends AbstractView { * @see #setJsonPrefix */ public void setPrefixJson(boolean prefixJson) { - this.jsonPrefix = prefixJson ? "{} && " : ""; + this.jsonPrefix = prefixJson ? "{} && " : null; } /** diff --git a/spring-webmvc/src/main/java/org/springframework/web/servlet/view/json/MappingJacksonJsonView.java b/spring-webmvc/src/main/java/org/springframework/web/servlet/view/json/MappingJacksonJsonView.java index 10a0bc840c..14ed6e2cda 100644 --- a/spring-webmvc/src/main/java/org/springframework/web/servlet/view/json/MappingJacksonJsonView.java +++ b/spring-webmvc/src/main/java/org/springframework/web/servlet/view/json/MappingJacksonJsonView.java @@ -141,7 +141,7 @@ public class MappingJacksonJsonView extends AbstractView { * @see #setJsonPrefix */ public void setPrefixJson(boolean prefixJson) { - this.jsonPrefix = prefixJson ? "{} && " : ""; + this.jsonPrefix = prefixJson ? "{} && " : null; } /**