A HandshakeInterceptor can be used to intercept WebSocket handshakes
(or SockJS requests where a new session is created) in order to
inspect the request and response before and after the handshake
including the ability to pass attributes to the WebSocketHandler,
which the hander can access through
WebSocketSession.getHandshakeAttributes()
An HttpSessionHandshakeInterceptor is available that can copy
attributes from the HTTP session to make them available to the
WebSocket session.
Issue: SPR-10624
Added XStream CatchAllConverter that supports all classes, but throws
exceptions for (un)marshalling.
Main purpose of this class is to register this converter as a catchall
last converter with a normal or higher priority in addition to
converters that explicitly support the domain classes that should be
supported. As a result, default XStream converters with lower
priorities and possible security vulnerabilities do not get invoked.
Also, StandardReflectionParameterNameDiscoverer calls "Parameter.isNamePresent()" now to return null (and pass on to the next discoverer) if no JDK 8 parameters are available. Note that this requires OpenJDK 8 b100 or higher to compile now.
Issue: SPR-10532
This change enables having @ResponseBody on the type-level in which
case it inherited and does not need to be added on the method level.
For added convenience, there is also a new @RestController annotation,
a meta-annotation in turn annotated with @Controller and @ResponseBody.
Classes with the new annotation do not need to have @ResponseBody
declared on the method level as it is inherited.
Issue: SPR-10814
MimeType is available in core-spring and does not include support
for quality parameters and media used in HTTP content negotiation.
The MediaType sub-class in org.springframework.http adds q-parameters.
The method returning query parameters now returns only query string
parameters as opposed to any Servlet request parameter.
This commit also adds a ReadOnlyMultiValueMap.
ServerHttpAsyncResponseControl wraps a ServetHttpRequest and -Response
pair and allows putting the processing of the request in async mode
so that the response remains open until explicitly closed, either from
the current or from another thread.
ServletServerHttpAsyncResponseControl provides a Serlvet-based
implementation.
A getCookies method is now available on ServerHttpRequest with one
ServletServerCookie implementation that wraps a Servlet cookie.
The SockJS service makes use of this to check for an existing session
cookie in the request.
Add SubProtocolHandler to encapsulate the logic for using a
sub-protocol.
A SubProtocolWebSocketHandler is also provided to
delegate to the appropriate SubProtocolHandler based on the
negotiated sub-protocol value at handshake.
StompSubProtocolHandler provides handling for STOMP messages.
Issue: SPR-10786
A SockJS message frame is an array of JSON-encoded messages and before
this change the use of the Jackson 2 library was hard-coded.
A Jackson 2 and Jackson 1.x implementations are provided and
automatically used if those libraries are present on the classpath.
Issue: SPR-10800
Dmitry Katsubo
Arjen Poutsma
Rossen Stoyanchev
Sam Brannen
Phillip Webb
Lonre Wang
Juergen Hoeller
Grzegorz Rożniecki
Andy Wilkinson