Restore the `getUseRelativeRedirects` method with a `Boolean` object
result and introduce `isUseRelativeRedirects` for the primitive boolean
variant.
See gh-20796
This commit improves the backward-compatibility of the ErrorAttributes
interfaces by providing a default implementation of a new method. It
also encapsulates several parameters that control the inclusion or
exclusion of error attributes into a new ErrorAttributeOptions type to
make it easier and less intrusive to add additional options in the
future. This encapsulation also makes the handling of the
includeException option more similar to other options.
Fixes gh-21324
Prior to this commit, the property was a Boolean with a null default.
If it was explicitly set by the user, a context customizer would use
that value to set it on the context. However, if it was not set, the default
wouldn't be tomcat's default but `false` because it was explicitly set to
`false` in `TomcatServletWebServerFactory`. This commit defaults the property
itself to `false` so that the default is more obvious to the user.
Fixes gh-20796
Prior to this commit, there was a property server.error.include-details
that allowed configuration of the message and errors attributes in a
server error response.
This commit separates the control of the message and errors attributes
into two separate properties named server.error.include-message and
server.error.include-binding-errors. When the message attribute is
excluded from a servlet response, the value is changed from a
hard-coded text value to an empty value.
Fixes gh-20505
This commit introduces a CookieSerializerCustomizer callback that
allows the customization of the auto-configured
DefaultCookieSerializer bean. This is particularly useful for
configuring cookie serializer's capabilities, such as SameSite, that
are not supported by the Servlet API and therefore not exposed via
server.servlet.session.cookie.* properties.
See gh-20961
This commit adds a new configuration property for configuring the
registration of the default Servlet in Servlet containers.
`"server.servlet.default-servlet.registered=false"`
The default of this property is still `true`, as it's been the case in
previous releases.
Closes gh-21214
Extend WebFlux and WebMvc properties with timeFormat and
dateTimeFormat properties to allow users to customize format of
LocalTime and LocalDateTime instances.
See gh-18772
Previously, only root auto-configuration classes could be excluded
eagerly via an AutoConfigurationImportFilter. Any configuration class
loaded as a result of processing a particular auto-configuration were
parsed and checked as usual.
This commit makes use of the `getExclusionFilter` callback to expand
this filter to all candidates that are considered. The annotation
processor has also be expanded to generate metadata for non-root
configuration classes.
Closes gh-12157
This commit upgrades to RSocket 1.0.0-RC7.
This new RC brings API changes we have to adapt to. As of this commit,
we're introducing a new `RSocketServerCustomizer` which replaces the now
deprecated `ServerRSocketFactoryProcessor`.
Closes gh-21046
This new customizer-like interface make it possible to configure the
Reactor Netty `HttpClient` that is going to be used by the
`WebClient.Builder` provided by Spring Boot.
Closes gh-21135
Starting the CouchbaseContainer fails intermittently when creation
of the primary index for the bucket fails with a read timeout. The
test doesn't require a primary index for the bucket so this commit
disables it creation in the hope that it will help to stabilise the
test.
Previously, DefaultResourceLoader instances were created using the
default constructor. This causes the resource loader to capture the
TCCL that was in place at that time. This can lead to a class loader
leak if the resource loader is referenced directly or indirectly from
a static field of a class loaded by a different class loader.
This commit updates the creation of DefaultResourceLoader instances
in main code so that the resource load will use the class loader of
the creating class. In almost all cases this will be the same class
loader as was the thread context class loader that was being captured
so the change in behavior is minimal. Crucially, it will still address
the situation where the TCCL was different.
Note the DevTools' ApplicationContextResourceLoader has been updated
to explicitly use the TCCL. This ensures that it uses the restart
class loader which is required for DevTools to function correctly.
Fixes gh-20900
At present, RestClientBuilderCustomizer allows general customization of RestClientBuilder.
This is troublesome for users that want to customize `HttpAsyncClientBuilder` and
`RequestConfig.Builder` since those are set on the `RestClientBuilder`. By customizing
those two builders user lose out on Spring Boot's support for binding username, password,
connection-timeout and read-timeout properties from `"spring.elasticsearch.rest"` namespace.
This commit enhances the `RestClientBuilderCustomizer` with support for customizing
`HttpAsyncClientBuilder` and `RequestConfig.Builder` by providing additional `customize`
methods that accept the aforementioned builders. Both new methods are optional as they have
no-op default implementations.
See gh-20994
Refine `DataSourceAutoConfiguration` conditions so that an empty
`spring.datasource.url` property can be used to enable the embedded
source.
Fixed gh-20996
This commit marks as deprecated an interface method that is no longer
used, and changes all internal implementations to return `null` to
make the fact that the return value is not used more obvious.
Fixes gh-19844
Prior to this commit, default error responses included the message
from a handled exception. When the exception was a BindException, the
error responses could also include an errors attribute containing the
details of the binding failure. These details could leak information
about the application.
This commit removes the exception message and binding errors detail
from error responses by default, and introduces a
`server.error.include-details` property that can be used to cause
these details to be included in the response.
Fixes gh-20505
Create a general purpose `AvailabilityState` interface and refactor
the existing `LivenessState` and `ReadinessState` to use it. A single
`AvailabilityChangeEvent` is now used to carry all availability state
updates.
This commit also renames `ApplicationAvailabilityProvider` to
`ApplicationAvailabilityBean` and extracts an `ApplicationAvailability`
interface that other beans can inject. The helps to hide the event
listener method, which is really internal.
Finally the state enums have been renamed as follows:
- `LivenessState.LIVE` -> `LivenessState.CORRECT`
- `ReadinessState.READY` -> `ReadinessState.ACCEPTING_TRAFFIC`
- `ReadinessState.UNREADY` -> `ReadinessState.REFUSING_TRAFFIC`
See gh-20962
Prior to this commit, the `HttpHandlerAutoConfiguration` would rely on
the `WebFluxProperties` bean being present - this is most of the time
true when the appplication is using the WebFlux auto-configuration.
If the application is overriding the WebFlux auto-configuration and
providing its own setup, the properties bean is not present and we
should skip its usage.
Fixes gh-20891
Rename the SAML `singleSignOn` nested property to `singleSignOn` so
that we don't get problems when using uppercase environment variable
names.
See gh-20584
Madhura Bhave
Phillip Webb
Stephane Nicoll
Andy Wilkinson
Johnny Lim
Scott Frederick
dreis2211
Aarti Gupta
Vedran Pavic
Brian Clozel
Daniel Knittl-Frank
K Zoli
dhimathu