ContentNegotiationViewResolver should not decode Request-URI while fetching requested Media-Types [SPR-9390] #14026
Assignees
Milestone
Comments
|
Rossen Stoyanchev commented I fixed this by setting the decode property of UrlPathHelper to false. Using request.getRequestURI() breaks another issue, see #13320. |
spring-projects-issues
added
type: bug
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Kai Moritz opened SPR-9390 and commented
Description:
If favorPathExtension is set, the ContentNegotiationViewResolver analyzes the URI of the request and adds a MediaType according to the path-extension.
While doing this, it uses the helper-function UrlPathHelper.getLookupPathForRequest(HttpRequest) to retrieve the URI.
This leads to errors, when the URI contains correctly encoded reserved characters, becaus this helper-function decodes the URI!
Consider the URI "/quo%20vadis%3f.html".
UrlPathHelper.getLookupPathForRequest(HttpRequest) decodes this to "/quo vadis?.html".
And because of the "?" the ContentNegotiationViewResolver thinks, that the URI is "/quo vadis" and adds the MediaType "*/*", which may lead to unexpected content negotiation results.
Fix:
Replace "urlPathHelper.getLookupPathForRequest(request)" with "request.getRequestURI()".
I have addes a patch, which does just this and fixes the problem for me.
Affects: 3.1.1
Attachments:
Referenced from: commits e04b322
The text was updated successfully, but these errors were encountered: