- 23 5月, 2015 1 次提交
-
-
由 Juergen Hoeller 提交于
-
- 13 5月, 2015 1 次提交
-
-
由 Juergen Hoeller 提交于
Issue: SPR-13019 (cherry picked from commit 02d28ae9)
-
- 04 5月, 2015 1 次提交
-
-
由 Rossen Stoyanchev 提交于
Issue: SPR-12956
-
- 01 4月, 2015 1 次提交
-
-
由 Brian Clozel 提交于
Prior to this commit, the `client-library-url` XML attribute was not effective in the MVC namespace, leaving the default value configured: ```xml <websocket:sockjs client-library-url="/js/sockjs.js" /> ``` This commit fixes the sockjs namespace handler and makes sure that this attribute is configured on the `SockJsService` Bean to be created. Issue: SPR-12874
-
- 25 3月, 2015 1 次提交
-
-
由 Juergen Hoeller 提交于
(cherry picked from commit d23893fd)
-
- 28 2月, 2015 1 次提交
-
-
由 Juergen Hoeller 提交于
(cherry picked from commit 2b340946)
-
- 19 2月, 2015 5 次提交
-
-
由 Sebastien Deleuze 提交于
-
由 Rossen Stoyanchev 提交于
Issue: SPR-12728
-
由 Rossen Stoyanchev 提交于
Issue: SPR-12727
-
由 Sebastien Deleuze 提交于
This commit adds support for a same origin check that compares Origin header to Host header. It also changes the default setting from all origins allowed to only same origin allowed. Issues: SPR-12697, SPR-12685 (cherry picked from commit 6062e155)
-
由 Sebastien Deleuze 提交于
This commit introduces the following changes: - Requests without Origin header are not rejected anymore - Disable Iframe when allowedOrigins is not empty and not equals to * - The Iframe is not cached anymore in order to have a reliable origin check - allowedOrigins must not be null or empty - allowedOrigins format is now validated (should be * or start by http(s)://) Issue: SPR-12660 (cherry picked from commit 9b3319b3)
-
- 17 2月, 2015 1 次提交
-
-
由 Rossen Stoyanchev 提交于
Before this change the WebSocketTransportHandler passed Collections.emptyMap as attributes to the HandshakeHandler because it didn't matter what attributes the underlying WebSocketSession has since it is wrapped by the SockJsSession and that's what exposed for use everywhere. This change has the WebSocketTransportHandler passing the attributes from the SockJsSession instead since it's more accurate for the underlying WebSocketSession to have access to the same map instance and it allows the HandshakeHandler to change the attributes even if it doesn't need to do that today. Issue: SPR-12716
-
- 23 1月, 2015 1 次提交
-
-
由 Rossen Stoyanchev 提交于
Issue: SPR-12658
-
- 30 12月, 2014 1 次提交
-
-
由 Rossen Stoyanchev 提交于
The following two refinements have been added: 1) SockJS doesn't support binary messages so don't even try 2) don't bother if payload.length == 0 Issue: SPR-12475
-
- 24 12月, 2014 1 次提交
-
-
由 Rossen Stoyanchev 提交于
After this change the StompSubProtocolHandler sends STOMP frames with content-type=octet-stream as a binary WebSocket message. Issue: SPR-12475
-
- 08 12月, 2014 1 次提交
-
-
由 Rossen Stoyanchev 提交于
Issue: SPR-12516
-
- 06 12月, 2014 1 次提交
-
-
由 Sebastien Deleuze 提交于
This commit introduces the SpringHandlerInstantiator class, a Jackson HandlerInstantiator that allows to autowire Jackson handlers (JsonSerializer, JsonDeserializer, KeyDeserializer, TypeResolverBuilder and TypeIdResolver) if needed. SpringHandlerInstantiator is automatically used with @EnableWebMvc and <mvc:annotation-driven />. Issue: SPR-10768
-
- 03 12月, 2014 2 次提交
-
-
由 Sebastien Deleuze 提交于
With this commit, Jackson builder is now used in spring-websocket to create the ObjectMapper instance. It is not possible to use the builder for spring-messaging and spring-jms since these modules don't have a dependency on spring-web, thus they now just customize the same features: - MapperFeature#DEFAULT_VIEW_INCLUSION is disabled - DeserializationFeature#FAIL_ON_UNKNOWN_PROPERTIES is disabled Issue: SPR-12293
-
由 Rossen Stoyanchev 提交于
Issue: SPR-12497
-
- 29 11月, 2014 1 次提交
-
-
由 Juergen Hoeller 提交于
-
- 28 11月, 2014 1 次提交
-
-
由 Juergen Hoeller 提交于
(cherry picked from commit 7e07f3d0)
-
- 24 11月, 2014 1 次提交
-
-
由 Brian Clozel 提交于
Upgrade undertow dependency to 1.1.0.Final. Add support for undertow 1.1.0.Final in the UndertowRequestUpgradeStrategy, after a breaking change in the `io.undertow.websockets.jsr.ConfiguredServerEndpoint` constructor. Issue: SPR-12302
-
- 11 11月, 2014 1 次提交
-
-
由 Juergen Hoeller 提交于
-
- 08 11月, 2014 1 次提交
-
-
由 Juergen Hoeller 提交于
-
- 03 11月, 2014 1 次提交
-
-
由 Brian Clozel 提交于
Prior to this change, duplicate SubProtocolHandlers could be registered when configuring STOMP with several registrations: public void registerStompEndpoints (final StompEndpointRegistry registry) { this.endpointRegistry.addEndpoint("/stompOverWebSocket"); this.endpointRegistry.addEndpoint("/stompOverSockJS").withSockJS(); } This commit registers sub-protocols in a Set instead of a list (see SubProtocolWebSocketHandler), thus fixing the issue. Issue: SPR-12403
-
- 01 11月, 2014 1 次提交
-
-
由 Sam Brannen 提交于
-
- 30 10月, 2014 1 次提交
-
-
由 Juergen Hoeller 提交于
-
- 29 10月, 2014 1 次提交
-
-
由 Rossen Stoyanchev 提交于
-
- 27 10月, 2014 4 次提交
-
-
由 Rossen Stoyanchev 提交于
-
由 Sebastien Deleuze 提交于
Issue: SPR-12379
-
由 Sebastien Deleuze 提交于
Issues: SPR-12283
-
由 Sebastien Deleuze 提交于
This commit introduces a new OriginHandshakeInterceptor. It filters Origin header value against a list of allowed origins. AbstractSockJsService as been modified to: - Reject CORS requests with forbidden origins - Disable transport types that does not support CORS when an origin check is required - Use the Origin request header value instead of "*" for Access-Control-Allow-Origin response header value (mandatory when Access-Control-Allow-Credentials=true) - Return CORS header only if the request contains an Origin header It is possible to configure easily this behavior thanks to JavaConfig API WebSocketHandlerRegistration#addAllowedOrigins(String...) and StompWebSocketEndpointRegistration#addAllowedOrigins(String...). It is also possible to configure it using the websocket XML namespace. Please notice that this commit does not change the default behavior: cross origin requests are still enabled by default. Issues: SPR-12226
-
- 24 10月, 2014 2 次提交
-
-
由 Rossen Stoyanchev 提交于
Before this change the simple broker simply removed subscriptions upon receiving a DISCONNECT message assuming it was a result of a client STOMP WebSocket session ending. However, if the server-side application sends a DISCONNECT to the broker in order to terminate a session, the STOMP WebSocket session could remain unware without any further action. This change ensures the simple broker sends a DISCONNECT_ACK message downstream whenever it receives a DISCONNECT. Issue: SPR-12288
-
由 Rossen Stoyanchev 提交于
This change adds a ChannelInterceptor that flips the immutable flag on messages being sent. This allows components sending messages to leave the message mutable for interceptors to further apply modifications before the message is sent (and exposed to concurrency). The interceptor is automatically added with the STOMP/WebSocket Java and XML config and the StompSubProtocolHandler leaves parsed incoming messages mutable so they can be further modified before being sent. Issue: SPR-12321
-
- 22 10月, 2014 1 次提交
-
-
由 Juergen Hoeller 提交于
-
- 21 10月, 2014 2 次提交
-
-
由 Juergen Hoeller 提交于
-
由 Juergen Hoeller 提交于
Issue: SPR-12352
-
- 20 10月, 2014 2 次提交
-
-
由 Juergen Hoeller 提交于
-
由 Juergen Hoeller 提交于
Issue: SPR-12340
-
- 14 10月, 2014 1 次提交
-
-
由 Rossen Stoyanchev 提交于
Use explicit flag whether to copy all attributes.
-