Undertow’s WebSocket client sends an illegal Origin header – it does
not include the scheme, e.g. it’ll send “localhost” rather than
“http://localhost”. This commit works around the problem by allowing
access to the SockJS endpoints from any origin, thereby disabling
OriginHandlerInterceptor’s checking of the Origin header.
Update the `init` command to support the latest meta-data format. Recent
Spring Initializr version also supports Spring Boot CLI now and generates
a textual service capabilities when requested. The command no longer
generates the capabilities of the service unless said service does not
support it.
Closes gh-2515
- Correct typo (coercable -> coercible)
- Update description to reflect that Spring 4.1.5 supports the
expansion of array properties and and a test that verifies the
behaviour
Parse a version using our version format or any version that complies
with Major.Minor.Patch. Also add a VersionRange utility that can
determine if a given version is withing that range.
Closes gh-2494
If there is more than one DataSource and the non-primary bean-name is
'datasource' an incorrect metric name is chosen.
The metrics are named datasource.active and not datasource.xxx.active. To
avoid this, the shortening of the bean-name only occurs if the bean-name
is longer than 'datasource'.
See gh-2320
Previously each endpoint was secured for path, path/, and path.*.
This meant that a request to path/foo was not secured. This commit
secures path/** to ensure that requests to a nested endpoint path are
also secured.
Fixes gh-2476
We allow the serialization format of dates to be configured using
spring.jackson.date-format. However, this property only applies to
java.util.Date instances and has no effect on a Joda DateTime.
This commit updates our auto-configuration for Jackson to allow
the format string that is used to serialize a Joda DateTime to be
configured. A new property, spring.jackson.joda-date-time-format has
been introduced. When configured, it is used to configure the
serialization format for a Joda DateTime. When it is not configured,
we fall back to using spring.jackson.date-format. If this fails,
either because the format string is incompatible (unlikely) or because
the user's configured the fully-qualified name of a DateFormat class,
a warning is logged encouraging the use of
spring.jackson.joda-date-time-format.
Fixes gh-2225
Prior to this commit, Module beans were registered with all
ObjectMapper beans, but were not registered with the auto-configured
Jackson2ObjectMapperBuilder. This meant that any ObjectMapper created
with the builder but not exposed as a bean would not have the Module
beans registered with it. One such ObjectMapper is the one used by the
auto-configured MappingJackson2XmlHttpMessageConverter. This caused
XML (de)serialization to be different to JSON (de)serialization.
This commit updates JacksonAutoConfiguration to register all of the
application context's Module beans with the auto-configured
Jackson2ObjectMapperBuilder. This ensures consistent configuration
of any ObjectMapper that's created using the builder, irrespective of
whether or not that ObjectMapper is also exposed as a bean, and
also ensures that (de)serialization of JSON and XML is consistent.
See gh-2327
Since the BasicAuthenticationEntryPoint does its own
challenge when authentication fails, we need to add that
entry point in the SpringBootWebSecurityConfiguration
explicitly.
Fixes gh-2483
Since @ConfigurationProperties binding uses a single instance of
PropertySourcesPropertyValues per bean, there doesn't seem to be
any issue with using a normal LinkedHashMap. Then the order
passed in as PropertySources will be preserved.
Fixes gh-2487
Stephane Nicoll
izeye
StevenGeens
Andy Wilkinson
Dave Syer
Rob Winch
Johannes Stelzer