ChatGPT解决这个技术问题 Extra ChatGPT

Spring MVC @PathVariable with dot (.) is getting truncated

This is continuation of question Spring MVC @PathVariable getting truncated

Spring forum states that it has fixed(3.2 version) as part of ContentNegotiationManager. see the below link.
https://jira.springsource.org/browse/SPR-6164
https://jira.springsource.org/browse/SPR-7632

In my application requestParameter with .com is truncated.

Could anyone explain me how to use this new feature? how is it configurable at xml?

Note: spring forum- #1 Spring MVC @PathVariable with dot (.) is getting truncated

M
Martin Frey

As far as i know this issue appears only for the pathvariable at the end of the requestmapping.

We were able to solve that by defining the regex addon in the requestmapping. 

 /somepath/{variable:.+}
Thanks, I think this fix available earlier also (before 3.2V)?. However I don't like this fix; since it is needed at all the url which has to be handled in my application... and future URL implementation also to be taken care of this...
here is how i solved the issue in spring 3.0.5 <!-- Spring Configuration needed to avoid URI using dots to be truncated --> <bean class="org.springframework.web.servlet.mvc.annotation.DefaultAnnotationHandlerMapping"> <property name="useDefaultSuffixPattern" value="false" /> </bean>
@Mariusz, the syntax is {variable_name:regular_expression}, so here we have variable named variable, which value will be matched using regex .+ (where . means 'any character' and + means 'one or more times').
@StefanHaberl if you match variable in a regular way, Spring uses its suffix detection features and truncates everything after dot. When you use regexp matching, those features are not used - variable is only matched to regexp that you provide.
@martin "variable:.+" doesn't work when there's more than one dot in the variable. eg putting emails at the end of restful paths like /path/abc@server.com.au. The controller doesn't even get called, but it works when there's only one dot /path/abc@server.com. Any idea why and/or a workaround?
P
Pang

Spring considers that anything behind the last dot is a file extension such as .jsonor .xml and trucate it to retrieve your parameter.

So if you have /somepath/{variable} :

/somepath/param, /somepath/param.json, /somepath/param.xml or /somepath/param.anything will result in a param with value param

/somepath/param.value.json, /somepath/param.value.xml or /somepath/param.value.anything will result in a param with value param.value

if you change your mapping to /somepath/{variable:.+} as suggested, any dot, including the last one will be consider as part of your parameter :

/somepath/param will result in a param with value param

/somepath/param.json will result in a param with value param.json

/somepath/param.xml will result in a param with value param.xml

/somepath/param.anything will result in a param with value param.anything

/somepath/param.value.json will result in a param with value param.value.json

...

If you don't care of extension recognition, you can disable it by overriding mvc:annotation-driven automagic : 

<bean id="handlerMapping"
      class="org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping">
    <property name="contentNegotiationManager" ref="contentNegotiationManager"/>
    <property name="useSuffixPatternMatch" value="false"/>
</bean>

So, again, if you have /somepath/{variable} :

/somepath/param, /somepath/param.json, /somepath/param.xml or /somepath/param.anything will result in a param with value param

/somepath/param.value.json, /somepath/param.value.xml or /somepath/param.value.anything will result in a param with value param.value

note : the difference from the default config is visible only if you have a mapping like somepath/something.{variable}. see Resthub project issue

if you want to keep extension management, since Spring 3.2 you can also set the useRegisteredSuffixPatternMatch property of RequestMappingHandlerMapping bean in order to keep suffixPattern recognition activated but limited to registered extension.

Here you define only json and xml extensions : 

<bean id="handlerMapping"
      class="org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping">
    <property name="contentNegotiationManager" ref="contentNegotiationManager"/>
    <property name="useRegisteredSuffixPatternMatch" value="true"/>
</bean>

<bean id="contentNegotiationManager" class="org.springframework.web.accept.ContentNegotiationManagerFactoryBean">
    <property name="favorPathExtension" value="false"/>
    <property name="favorParameter" value="true"/>
    <property name="mediaTypes">
        <value>
            json=application/json
            xml=application/xml
        </value>
    </property>
</bean>

Note that mvc:annotation-driven accepts now a contentNegotiation option to provide a custom bean but the property of RequestMappingHandlerMapping has to be changed to true (default false) (cf. https://jira.springsource.org/browse/SPR-7632).

For that reason, you still have to override the all mvc:annotation-driven configuration. I opened a ticket to Spring to ask for a custom RequestMappingHandlerMapping : https://jira.springsource.org/browse/SPR-11253. Please vote if you are intereted in.

While overriding, be carreful to consider also custom Execution management overriding. Otherwise, all your custom Exception mappings will fail. You will have to reuse messageCoverters with a list bean : 

<bean id="validator" class="org.springframework.validation.beanvalidation.LocalValidatorFactoryBean" />
<bean id="conversionService" class="org.springframework.format.support.FormattingConversionServiceFactoryBean" />

<util:list id="messageConverters">
    <bean class="your.custom.message.converter.IfAny"></bean>
    <bean class="org.springframework.http.converter.ByteArrayHttpMessageConverter"></bean>
    <bean class="org.springframework.http.converter.StringHttpMessageConverter"></bean>
    <bean class="org.springframework.http.converter.ResourceHttpMessageConverter"></bean>
    <bean class="org.springframework.http.converter.xml.SourceHttpMessageConverter"></bean>
    <bean class="org.springframework.http.converter.xml.XmlAwareFormHttpMessageConverter"></bean>
    <bean class="org.springframework.http.converter.xml.Jaxb2RootElementHttpMessageConverter"></bean>
    <bean class="org.springframework.http.converter.json.MappingJacksonHttpMessageConverter"></bean>
</util:list>

<bean name="exceptionHandlerExceptionResolver"
      class="org.springframework.web.servlet.mvc.method.annotation.ExceptionHandlerExceptionResolver">
    <property name="order" value="0"/>
    <property name="messageConverters" ref="messageConverters"/>
</bean>

<bean name="handlerAdapter"
      class="org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter">
    <property name="webBindingInitializer">
        <bean class="org.springframework.web.bind.support.ConfigurableWebBindingInitializer">
            <property name="conversionService" ref="conversionService" />
            <property name="validator" ref="validator" />
        </bean>
    </property>
    <property name="messageConverters" ref="messageConverters"/>
</bean>

<bean id="handlerMapping"
      class="org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping">
</bean>

I implemented, in the open source project Resthub that I am part of, a set of tests on these subjects : see https://github.com/resthub/resthub-spring-stack/pull/219/files & https://github.com/resthub/resthub-spring-stack/issues/217

Forgive me I am a novice, so where do you put the bean configs? and what spring version does it apply to?
@Splash : You must define these beans into your "standard" Spring applicationContext.xml file(s). This applies to Spring 3.2 at least. Probably (at least partially) before
This ist the correct answer in my opinion. It seems that parameter "useRegisteredSuffixPatternMatch" was introduced exactly for the OPs problem.
This was only half of the solution for me. See @Paul Aerer's answer.
D
Dmitri Algazin

Update for Spring 4: since 4.0.1 you can use PathMatchConfigurer (via your WebMvcConfigurer), e.g. 

@Configuration
protected static class AllResources extends WebMvcConfigurerAdapter {

    @Override
    public void configurePathMatch(PathMatchConfigurer matcher) {
        matcher.setUseRegisteredSuffixPatternMatch(true);
    }

}


@Configuration
public class WebConfig implements WebMvcConfigurer {

   @Override
   public void configurePathMatch(PathMatchConfigurer configurer) {
       configurer.setUseSuffixPatternMatch(false);
   }
}

In xml, it would be (https://jira.spring.io/browse/SPR-10163): 

<mvc:annotation-driven>
    [...]
    <mvc:path-matching registered-suffixes-only="true"/>
</mvc:annotation-driven>
this is by far the cleanest solution: turn off the feature causing it, rather than hacking around it. We're not using this feature anyway, so problem solved - perfect!
Where does the AllResources class go?
@ste_irl Add a java class in the same package as your main.
Use matcher.setUseSuffixPatternMatch(false) to completely disable suffix match.
This was only half of the solution for me. See @Paul Aerer's answer.
s
sparkyspider

In addition to Martin Frey's answer, this can also be fixed by adding a trailing slash in the RequestMapping value: 

/path/{variable}/

Keep in mind that this fix does not support maintainability. It now requires all URI's to have a trailing slash - something that may not be apparent to API users / new developers. Because it's likely not all parameters may have a . in them, it may also create intermittent bugs

Thats even a cleaner solution. I had to find out the hard way that IE is setting accept headers according to the suffix. So i wanted to post on some .doc requestmapping and i always got a download instead of the new html page. This approach fixed that.
this is the simplest solution for me to and solved my problem; regexp seems a bit of an overkill for many cases
but it collides with AngularJS's default behavior to remove trailing slashes automagically. That can be configured in latest Angular releases but it is something to track for hours if you don't know what is going on.
@dschulten And you just saved me hours of debugging, thanks! Nevertheless you should mention in the answer that the trailing slash will be required in the HTPP requests.
This is very dangerous! I certainly wouldn't recommend it as any one implementing the API would least expect it. Very non-maintainable.
G
GoutamS

In Spring Boot Rest Controller, I have resolved these by following Steps:

RestController : 

@GetMapping("/statusByEmail/{email:.+}/")
public String statusByEmail(@PathVariable(value = "email") String email){
  //code
}

And From Rest Client: 

Get http://mywebhook.com/statusByEmail/abc.test@gmail.com/
This answer is dependent on a trailing slash in order to work.
works like a charm (also without trailing slash). thank you!
M
Martin Čejka

adding the ":.+" worked for me, but not until I removed outer curly brackets.

value = {"/username/{id:.+}"} didn't work

value = "/username/{id:.+}" works

Hope I helped someone :)

That's because the curly brackets evaluate the RegEx and you already have some around id
C
Caleb Kleveter

/somepath/{variable:.+} works in Java requestMapping tag.

I prefer this answer because it doesn’t show what didn’t work.
Doesn't work for email addresses with more than one dot.
@8bitjunkie Sth like "/{code:.+}" works for many dots not one i.e. 61.12.7 it also works for i.e. k.a.p@o.i.n
Same case with me. It works for multiple dots also. Spring version is 4.3.6.RELEASE
B
Bruno Carrier

Here's an approach that relies purely on java configuration: 

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupport;
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;

@Configuration
public class MvcConfig extends WebMvcConfigurationSupport{

    @Bean
    public RequestMappingHandlerMapping requestMappingHandlerMapping() {
        RequestMappingHandlerMapping handlerMapping = super.requestMappingHandlerMapping();
        handlerMapping.setUseSuffixPatternMatch(false);
        handlerMapping.setUseTrailingSlashMatch(false);
        return handlerMapping;
    }
}
Thanks, solved it for me. Also, it's very clean and explicit. +1
M
Marcelo C.

One pretty easy way to work around this issue is to append a trailing slash ...

e.g.:

use : 

/somepath/filename.jpg/

instead of: 

/somepath/filename.jpg
S
Stephen Rauch

In Spring Boot, The Regular expression solve the problem like 

@GetMapping("/path/{param1:.+}")
Note that this only works for one dot. It doesn't work for email addresses.
@8bitjunkie Sth like "/{code:.+}" works for many dots not one i.e. 61.12.7 it also works for i.e. k.a.p@o.i.n
@8bitjunkie I have tested it with IP address. It workes very well. So, that means it works for multiple dots.
P
Paul Arer

The complete solution including email addresses in path names for spring 4.2 is 

<bean id="contentNegotiationManager"
    class="org.springframework.web.accept.ContentNegotiationManagerFactoryBean">
    <property name="favorPathExtension" value="false" />
    <property name="favorParameter" value="true" />
    <property name="mediaTypes">
        <value>
            json=application/json
            xml=application/xml
        </value>
    </property>
</bean>
<mvc:annotation-driven
    content-negotiation-manager="contentNegotiationManager">
    <mvc:path-matching suffix-pattern="false" registered-suffixes-only="true" />
</mvc:annotation-driven>

Add this to the application-xml

Upvote - this is the only answer here which makes clear that both the ContentNegotiationManagerFactoryBean and contentNegotiationManager configuration items are required
J
Jukka

If you are using Spring 3.2.x and <mvc:annotation-driven />, create this little BeanPostProcessor: 

package spring;

public final class DoNotTruncateMyUrls implements BeanPostProcessor {
    @Override
    public Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException {
        if (bean instanceof RequestMappingHandlerMapping) {
            ((RequestMappingHandlerMapping)bean).setUseSuffixPatternMatch(false);
        }
        return bean;
    }
    @Override
    public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
        return bean;
    }
}

Then put this in your MVC config xml: 

<bean class="spring.DoNotTruncateMyUrls" />
Is it related to ContentNegotiationManager ?
My code only configures the RequestMappingHandlerMapping so that URLs will not be truncated. ContentNegotiationManager is another beast.
This is old, but you really don't need a BeanPostProcessor for this. If you use WebMvcConfigurationSupport you can override the requestMappingHandlerMapping @Bean method. If you use XML config, you can just declare your own RequestMappingHandlerMapping bean and declare that property.
Thank you very much, I tried a different number of solutions for the same problem, only this one worked for me. :-)
C
Community

Finally I found solution in Spring Docs:

To completely disable the use of file extensions, you must set both of the following: useSuffixPatternMatching(false), see PathMatchConfigurer favorPathExtension(false), see ContentNegotiationConfigurer

Adding this to my WebMvcConfigurerAdapter implementation solved the problem: 

@Override
public void configureContentNegotiation(ContentNegotiationConfigurer configurer) {
    configurer.favorPathExtension(false);
}

@Override
public void configurePathMatch(PathMatchConfigurer matcher) {
    matcher.setUseSuffixPatternMatch(false);
}
r
rogerdpack

For me the 

@GetMapping(path = "/a/{variableName:.+}")

does work but only if you also encode the "dot" in your request url as "%2E" then it works. But requires URL's to all be that...which is not a "standard" encoding, though valid. Feels like something of a bug :|

The other work around, similar to the "trailing slash" way is to move the variable that will have the dot "inline" ex:

@GetMapping(path = "/{variableName}/a")

now all dots will be preserved, no modifications needed.

G
GuyT

As of Spring 5.2.4 (Spring Boot v2.2.6.RELEASE) PathMatchConfigurer.setUseSuffixPatternMatch and ContentNegotiationConfigurer.favorPathExtension have been deprecated ( https://spring.io/blog/2020/03/24/spring-framework-5-2-5-available-now and https://github.com/spring-projects/spring-framework/issues/24179).

The real problem is that the client requests a specific media type (like .com) and Spring added all those media types by default. In most cases your REST controller will only produce JSON so it will not support the requested output format (.com). To overcome this issue you should be all good by updating your rest controller (or specific method) to support the 'ouput' format (@RequestMapping(produces = MediaType.ALL_VALUE)) and of course allow characters like a dot ({username:.+}).

Example: 

@RequestMapping(value = USERNAME, consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.APPLICATION_JSON_VALUE)
public class UsernameAPI {

    private final UsernameService service;

    @GetMapping(value = "/{username:.+}", consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.ALL_VALUE)
    public ResponseEntity isUsernameAlreadyInUse(@PathVariable(value = "username") @Valid @Size(max = 255) String username) {
        log.debug("Check if username already exists");
        if (service.doesUsernameExist(username)) {
            return ResponseEntity.status(HttpStatus.NO_CONTENT).build();
        }
        return ResponseEntity.notFound().build();
    }
}

Spring 5.3 and above will only match registered suffixes (media types).

N
Nitin Zadage

If you write both back and frontend, another simple solution is to attach a "/" at the end of the URL at front. If so, you don't need to change your backend... 

somepath/myemail@gmail.com/

Be happy!

S
Sanjay Bharwani

If you are using Spring 3.2+ then below solution will help. This will handle all urls so definitely better than applying regex pattern in the request URI mapping to allow . like /somepath/{variable:.+}

Define a bean in the xml file 

<bean class="org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping">
        <property name="useSuffixPatternMatch" value="false"/>
        <property name="useRegisteredSuffixPatternMatch" value="true"/>
    </bean>

The flags usage can be found on the documentation. I am putting snipped to explain

exlanation of useRegisteredSuffixPatternMatch is said to be resolving the issue. From the java doc in the class

If enabled, a controller method mapped to "/users" also matches to "/users.json" assuming ".json" is a file extension registered with the provided {@link #setContentNegotiationManager(ContentNegotiationManager) contentNegotiationManager}. This can be useful for allowing only specific URL extensions to be used as well as in cases where a "." in the URL path can lead to ambiguous interpretation of path variable content, (e.g. given "/users/{user}" and incoming URLs such as "/users/john.j.joe" and "/users/john.j.joe.json").

T
Tiago Medici

Simple Solution Fix: adding a regex {q:.+} in the @RequestMapping 

@RequestMapping("medici/james/Site")
public class WebSiteController {

    @RequestMapping(value = "/{site:.+}", method = RequestMethod.GET)
    public ModelAndView display(@PathVariable("site") String site) {
        return getModelAndView(site, "web site");

    }
}

Now, for input /site/jamesmedice.com, “site” will display the correct james'site

关注公众号,不定期副业成功案例分享
Follow WeChat

Success story sharing

Want to stay one step ahead of the latest teleworks?

Subscribe Now

HuntsBot,a one-stop outsourcing task, remote job, product ideas sharing and subscription platform, which supports DingTalk, Lark, WeCom, Email and Telegram robot subscription. The platform will push outsourcing task requirements, remote work opportunities, product ideas to every subscribed user with timely, stable and reliable.

简体中文 English

Platform

Support

Links

Contact US

Any questions or suggestions during use, you can contact us in the following ways:

Email: huntsbot@xinbeitime.com

Copyright© 2022-2023 www.huntsbot.com 浙ICP备2022000860号-4 All Rights Reserved.