Commit 8c14009 removed the endpoints.metrics.filter.enabled property so
that endpoints.metrics.enabled is used for both disabling the endpoint
and the servlet filter that records interactions.
This was an unfortunate decision as it was no longer possible to only
disable the servlet filter. The endpoints.metrics.filter.enabled property
has therefore been restored.
Closes gh-4365
Previously, BasicErrorController would return the response status
set in the javax.servlet.error.status_code request attribute when
serving JSON but would also return a 200 OK response when serving
HTML. This didn’t cause much trouble when a person was browsing, but
proved problematic for machine clients that request text/html and care
about the response status. For example, the success handler would be
driven for an XHR request even though the response was really an error.
This commit updates BasicErrorController to set the response status for
text/html responses to match the status that it would use in an
application/json response.
Closes gh-4694
This reverts commit bb9e1be72c.
4.1.7.RELEASE is incompatible with Spring IO Platform 1.1.x due to a
new dependency on kryo-shaded. kryo-shaded was introduced in Kryo
3.0.x but IO Platform 1.1.x uses Kryo 2.
See gh-4719
Tomcat 8.0.30 has changed to using relative URIs in its redirects
by default. To avoid any problems that this behaviour change may
causes we override the default and configure Tomcat to continue to
use absolute URIs.
Closes gh-4715
Previously, LoggingApplicationListener would clean up the logging
system in response to any application context with which it was
registered being closed. This caused problems when a child context was
closed. Specifically, closing the child context would cause any
SLF4J-based logging systems to unregister the JUL bridge handler
preventing an JUL logging being bridged into Logback or Log4J2.
This commit updates LoggingApplicationListener so that the logging
system is only cleaned up when a root application context is
closed.
Closes gh-4651
Some libraries like aspectj are using findResource to see the raw
bytecode of a class. It will even call findResource for every method of
every class of beans that are post processed. This can be significant
performance hit on startup when LaunchedURLClassLoader and there are a
lot of nested jars.
See gh-3640
Fixes gh-4557
Previously, EmbeddedWebApplicationContext used synchronized, but did
not do so consistently. It also synchronized on this so its lock was
exposed outside of the class, creating a risk of deadlock if a caller
synchronized incorrectly. Furthermore, not all fields on the class
were sychronized so the class wasn't truly thread-safe.
This commit attempts to rectify some of the problems above. The use
of synchronized has been dropped in favour of using a volatile field
for the embedded servlet container. Whenever this field is accessed,
a local variable is used to "cache" the value thereby preventing a
change on another thread from causing unwanted behaviour such as an
NPE.
Closes gh-4593
Fixed initially in #3725
The target attribute is effectively checked for null beforehand so this
additional defensive check can be removed.
Closes gh-4567
Previously, UndertowEmbeddedServletContainerFactory always used
Undertow’s default ServletContainer. This meant that if there were two
UndertowEmbeddedServletContainers created, they would share the same
ServletContainer and the second one that was created would overwrite
the deployment for the first. This resulted in a async request
handling failing as the attempt to look up the deployment for the
first embedded Undertow instance would incorrectly find the deployment
for the second.
This commit fixes the problem by ensuring that each
UndertowEmbeddedServletContainerFactory uses a separate Undertow
ServletContainer instance.
Closes gh-4329
The CLI application advertises `-cp` support but it appears that only
`--cp` is really supported. The fix for gh-178 forgot to update the
call to `getParser().parse(...)`.
See gh-178
Update EmbeddedWebApplicationContext so that the servlet container is
shutdown after the context is closed. Unfortunately shutting the
container down before the context has been closed causes exceptions if
the `/shutdown` actuator endpoint is used. It can also cause the Tomcat
classloader to throw IllegalStateExceptions if resources are accessed
during shutdown.
As this commit effectively reverts 0069e41c we need to fix the shutdown
deadlock issue reported in gh-4130 in a different way. The deadlock can
be caused when an incoming HTTP connection occurs whilst the context is
closing. The incoming connection triggers the `FrameworkServlet` to
call `initWebApplicationContext` which in turn calls `refresh`. The
`FrameworkServlet` checks `ApplicationContext.isActive()` before
performing an initialization but prior to this commit we would set
active to `false` before stopping the servlet container. We now override
`onClose` rather than `doClose` in `EmbeddedWebApplicationContext` to
ensure that the active flag is only set to `false` once the servlet
container has been stopped.
See gh-4130
Fixes gh-4396
Spring Initalizr now bundles a wrapper script for the build system. While
that wrapper has the necessary execute flag in the zip archive, that flag
is lost as the zip abstraction does not honor those.
The init command now makes sure to restore the execute flag on `mvnw`
and `gradlew` if necessary.
Unfortunately, this can't be tested as the Windows build would fail to
assert that the executable flag has been propertly set.
Closes gh-4392
Allows users to configure "allowed" file extensions for controller
mappings, so that browsers will not switch to downloading "f.txt"
(part of the recent RFD attack fixes in Spring MVC).
See gh-4220
Commit d0cf6b5 introduced a `endpoints.metrics.filter.enabled` property
key meant to disable the filter. Unfortunately, the `endpoints.metrics`
namespace is already managed so setting this property will fail.
We now use the same key than the one used to disable the metrics
endpoint.
Closes gh-4365
The HATEOAS sample does not support XML responses. Previously, the
controller doesn't constrain the media types that it could produce.
This would result in a failure when handling a request that prefers
XML responses.
This commit updates the produces clauses in the controller so that
the sample will only attempt to produce JSON.
Closes gh-4343
The documentation recommends configuring the HTTP connector in code
and using application.properties to configure the HTTPS connector
as it's easier. This commit updates the sample to follow that
recommendation.
Closes gh-4342
Improve the initial PR to include a filtering of the profiles that were
already enabled via the `spring.profiles.active` property.
Also add more tests to prove that each profile is loaded only once
now.
Closes gh-4273
The problem fixed here is that the Loader keeps track of the profiles it
is going to look at for loading files, but ignores any that were already
active in the Environment if the listener is called initially with
spring.profiles.active not empty.
Closes gh-4261
Previously, the `PORTFILE` system property was not checked if the
`EmbeddedServerPortFileWriter` was created using the default constructor.
This had the effect to prevent overriding of the port file when this
listener is created without any file or via `META-INF/spring.factories`.
Closes gh-4254
Add a BeanFactoryPostProcessor to set PRESERVE_TARGET_CLASS_ATTRIBUTE
to true on all ErrorController bean definitions. Without this attribute
AOP advice on @Controllers causes ErrorController beans to be created
as JDK proxies (since they implement a single valid looking interface)
and therefore not get found by Spring MVC.
Fixes gh-4236
Update the import order settings to be a little more logical. Imports
should now be ordered:
java.*
javax.*
<others>
org.springframework.*
import static *
See gh-4234
Phillip Webb
Stephane Nicoll
Andy Wilkinson
Ivan Chen
Vladimir Tsanev
Dave Syer
Dimitri