org.springframework.web.util

Class WebUtils

java.lang.Object

org.springframework.web.util.WebUtils

public abstract class WebUtils
extends java.lang.Object

Miscellaneous utilities for web applications. Used by various framework classes.

Author:

Rod Johnson, Juergen Hoeller, Sebastien Deleuze

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	CONTENT_TYPE_CHARSET_PREFIX Prefix of the charset clause in a content type String: ";charset="
static java.lang.String	DEFAULT_CHARACTER_ENCODING Default character encoding to use when request.getCharacterEncoding returns null, according to the Servlet spec.
static java.lang.String	DEFAULT_WEB_APP_ROOT_KEY Default web app root key: "webapp.root"
static java.lang.String	ERROR_EXCEPTION_ATTRIBUTE
static java.lang.String	ERROR_EXCEPTION_TYPE_ATTRIBUTE
static java.lang.String	ERROR_MESSAGE_ATTRIBUTE
static java.lang.String	ERROR_REQUEST_URI_ATTRIBUTE
static java.lang.String	ERROR_SERVLET_NAME_ATTRIBUTE
static java.lang.String	ERROR_STATUS_CODE_ATTRIBUTE Standard Servlet 2.3+ spec request attributes for error pages.
static java.lang.String	FORWARD_CONTEXT_PATH_ATTRIBUTE
static java.lang.String	FORWARD_PATH_INFO_ATTRIBUTE
static java.lang.String	FORWARD_QUERY_STRING_ATTRIBUTE
static java.lang.String	FORWARD_REQUEST_URI_ATTRIBUTE Standard Servlet 2.4+ spec request attributes for forward URI and paths.
static java.lang.String	FORWARD_SERVLET_PATH_ATTRIBUTE
static java.lang.String	HTML_ESCAPE_CONTEXT_PARAM HTML escape parameter at the servlet context level (i.e.
static java.lang.String	INCLUDE_CONTEXT_PATH_ATTRIBUTE
static java.lang.String	INCLUDE_PATH_INFO_ATTRIBUTE
static java.lang.String	INCLUDE_QUERY_STRING_ATTRIBUTE
static java.lang.String	INCLUDE_REQUEST_URI_ATTRIBUTE Standard Servlet 2.3+ spec request attributes for include URI and paths.
static java.lang.String	INCLUDE_SERVLET_PATH_ATTRIBUTE
static java.lang.String	RESPONSE_ENCODED_HTML_ESCAPE_CONTEXT_PARAM Use of response encoding for HTML escaping parameter at the servlet context level (i.e.
static java.lang.String	SESSION_MUTEX_ATTRIBUTE Key for the mutex session attribute
static java.lang.String[]	SUBMIT_IMAGE_SUFFIXES Name suffixes in case of image buttons
static java.lang.String	TEMP_DIR_CONTEXT_ATTRIBUTE Standard Servlet spec context attribute that specifies a temporary directory for the current web application, of type java.io.File.
static java.lang.String	WEB_APP_ROOT_KEY_PARAM Web app root key parameter at the servlet context level (i.e.

Constructor Summary

Constructors

Constructor and Description
WebUtils()

Method Summary

Modifier and Type	Method and Description
static void	clearErrorRequestAttributes(HttpServletRequest request) Clear the Servlet spec's error attributes as HttpServletRequest attributes under the keys defined in the Servlet 2.3 specification: javax.servlet.error.status_code, javax.servlet.error.exception_type, javax.servlet.error.message, javax.servlet.error.exception, javax.servlet.error.request_uri, javax.servlet.error.servlet_name.
static void	exposeErrorRequestAttributes(HttpServletRequest request, java.lang.Throwable ex, java.lang.String servletName) Expose the Servlet spec's error attributes as HttpServletRequest attributes under the keys defined in the Servlet 2.3 specification, for error pages that are rendered directly rather than through the Servlet container's error page resolution: javax.servlet.error.status_code, javax.servlet.error.exception_type, javax.servlet.error.message, javax.servlet.error.exception, javax.servlet.error.request_uri, javax.servlet.error.servlet_name.
static void	exposeRequestAttributes(ServletRequest request, java.util.Map<java.lang.String,?> attributes) Deprecated. as of Spring 4.3.2, in favor of custom code for such purposes
static java.lang.String	extractFilenameFromUrlPath(java.lang.String urlPath) Deprecated. as of Spring 4.3.2, in favor of custom code for such purposes
static java.lang.String	extractFullFilenameFromUrlPath(java.lang.String urlPath) Deprecated. as of Spring 4.3.2, in favor of custom code for such purposes (or UriUtils.extractFileExtension(java.lang.String) for the file extension use case)
static java.lang.String	findParameterValue(java.util.Map<java.lang.String,?> parameters, java.lang.String name) Obtain a named parameter from the given request parameters.
static java.lang.String	findParameterValue(ServletRequest request, java.lang.String name) Obtain a named parameter from the given request parameters.
static Cookie	getCookie(HttpServletRequest request, java.lang.String name) Retrieve the first cookie with the given name.
static java.lang.Boolean	getDefaultHtmlEscape(ServletContext servletContext) Return whether default HTML escaping is enabled for the web application, i.e.
static <T> T	getNativeRequest(ServletRequest request, java.lang.Class<T> requiredType) Return an appropriate request object of the specified type, if available, unwrapping the given request as far as necessary.
static <T> T	getNativeResponse(ServletResponse response, java.lang.Class<T> requiredType) Return an appropriate response object of the specified type, if available, unwrapping the given response as far as necessary.
static java.lang.Object	getOrCreateSessionAttribute(HttpSession session, java.lang.String name, java.lang.Class<?> clazz) Deprecated. as of Spring 4.3.2, in favor of custom code for such purposes
static java.util.Map<java.lang.String,java.lang.Object>	getParametersStartingWith(ServletRequest request, java.lang.String prefix) Return a map containing all parameters with the given prefix.
static java.lang.String	getRealPath(ServletContext servletContext, java.lang.String path) Return the real path of the given path within the web application, as provided by the servlet container.
static java.lang.Object	getRequiredSessionAttribute(HttpServletRequest request, java.lang.String name) Check the given request for a session attribute of the given name.
static java.lang.Boolean	getResponseEncodedHtmlEscape(ServletContext servletContext) Return whether response encoding should be used when HTML escaping characters, thus only escaping XML markup significant characters with UTF-* encodings.
static java.lang.Object	getSessionAttribute(HttpServletRequest request, java.lang.String name) Check the given request for a session attribute of the given name.
static java.lang.String	getSessionId(HttpServletRequest request) Determine the session id of the given request, if any.
static java.lang.Object	getSessionMutex(HttpSession session) Return the best available mutex for the given session: that is, an object to synchronize on for the given session.
static int	getTargetPage(ServletRequest request, java.lang.String paramPrefix, int currentPage) Deprecated. as of Spring 4.3.2, in favor of custom code for such purposes
static java.io.File	getTempDir(ServletContext servletContext) Return the temporary directory for the current web application, as provided by the servlet container.
static boolean	hasSubmitParameter(ServletRequest request, java.lang.String name) Check if a specific input type="submit" parameter was sent in the request, either via a button (directly with name) or via an image (name + ".x" or name + ".y").
static boolean	isDefaultHtmlEscape(ServletContext servletContext) Deprecated. as of Spring 4.1, in favor of getDefaultHtmlEscape(javax.servlet.ServletContext)
static boolean	isIncludeRequest(ServletRequest request) Determine whether the given request is an include request, that is, not a top-level HTTP request coming in from the outside.
static boolean	isSameOrigin(HttpRequest request) Check if the request is a same-origin one, based on Origin, Host, Forwarded, X-Forwarded-Proto, X-Forwarded-Host and
static boolean	isValidOrigin(HttpRequest request, java.util.Collection<java.lang.String> allowedOrigins) Check the given request origin against a list of allowed origins.
static MultiValueMap<java.lang.String,java.lang.String>	parseMatrixVariables(java.lang.String matrixVariables) Parse the given string with matrix variables.
static void	removeWebAppRootSystemProperty(ServletContext servletContext) Remove the system property that points to the web app root directory.
static void	setSessionAttribute(HttpServletRequest request, java.lang.String name, java.lang.Object value) Set the session attribute with the given name to the given value.
static void	setWebAppRootSystemProperty(ServletContext servletContext) Set a system property to the web application root directory.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

INCLUDE_REQUEST_URI_ATTRIBUTE

public static final java.lang.String INCLUDE_REQUEST_URI_ATTRIBUTE

Standard Servlet 2.3+ spec request attributes for include URI and paths.

If included via a RequestDispatcher, the current resource will see the originating request. Its own URI and paths are exposed as request attributes.

See Also:

Constant Field Values

INCLUDE_CONTEXT_PATH_ATTRIBUTE

public static final java.lang.String INCLUDE_CONTEXT_PATH_ATTRIBUTE

See Also:

Constant Field Values

INCLUDE_SERVLET_PATH_ATTRIBUTE

public static final java.lang.String INCLUDE_SERVLET_PATH_ATTRIBUTE

See Also:

Constant Field Values

INCLUDE_PATH_INFO_ATTRIBUTE

public static final java.lang.String INCLUDE_PATH_INFO_ATTRIBUTE

See Also:

Constant Field Values

INCLUDE_QUERY_STRING_ATTRIBUTE

public static final java.lang.String INCLUDE_QUERY_STRING_ATTRIBUTE

See Also:

Constant Field Values

FORWARD_REQUEST_URI_ATTRIBUTE

public static final java.lang.String FORWARD_REQUEST_URI_ATTRIBUTE

Standard Servlet 2.4+ spec request attributes for forward URI and paths.

If forwarded to via a RequestDispatcher, the current resource will see its own URI and paths. The originating URI and paths are exposed as request attributes.

See Also:

Constant Field Values

FORWARD_CONTEXT_PATH_ATTRIBUTE

public static final java.lang.String FORWARD_CONTEXT_PATH_ATTRIBUTE

See Also:

Constant Field Values

FORWARD_SERVLET_PATH_ATTRIBUTE

public static final java.lang.String FORWARD_SERVLET_PATH_ATTRIBUTE

See Also:

Constant Field Values

FORWARD_PATH_INFO_ATTRIBUTE

public static final java.lang.String FORWARD_PATH_INFO_ATTRIBUTE

See Also:

Constant Field Values

FORWARD_QUERY_STRING_ATTRIBUTE

public static final java.lang.String FORWARD_QUERY_STRING_ATTRIBUTE

See Also:

Constant Field Values

ERROR_STATUS_CODE_ATTRIBUTE

public static final java.lang.String ERROR_STATUS_CODE_ATTRIBUTE

Standard Servlet 2.3+ spec request attributes for error pages.

To be exposed to JSPs that are marked as error pages, when forwarding to them directly rather than through the servlet container's error page resolution mechanism.

See Also:

Constant Field Values

ERROR_EXCEPTION_TYPE_ATTRIBUTE

public static final java.lang.String ERROR_EXCEPTION_TYPE_ATTRIBUTE

See Also:

Constant Field Values

ERROR_MESSAGE_ATTRIBUTE

public static final java.lang.String ERROR_MESSAGE_ATTRIBUTE

See Also:

Constant Field Values

ERROR_EXCEPTION_ATTRIBUTE

public static final java.lang.String ERROR_EXCEPTION_ATTRIBUTE

See Also:

Constant Field Values

ERROR_REQUEST_URI_ATTRIBUTE

public static final java.lang.String ERROR_REQUEST_URI_ATTRIBUTE

See Also:

Constant Field Values

ERROR_SERVLET_NAME_ATTRIBUTE

public static final java.lang.String ERROR_SERVLET_NAME_ATTRIBUTE

See Also:

Constant Field Values

CONTENT_TYPE_CHARSET_PREFIX

public static final java.lang.String CONTENT_TYPE_CHARSET_PREFIX

Prefix of the charset clause in a content type String: ";charset="

See Also:

Constant Field Values

DEFAULT_CHARACTER_ENCODING

public static final java.lang.String DEFAULT_CHARACTER_ENCODING

Default character encoding to use when request.getCharacterEncoding returns null, according to the Servlet spec.

See Also:

ServletRequest.getCharacterEncoding(), Constant Field Values

TEMP_DIR_CONTEXT_ATTRIBUTE

public static final java.lang.String TEMP_DIR_CONTEXT_ATTRIBUTE

Standard Servlet spec context attribute that specifies a temporary directory for the current web application, of type java.io.File.

See Also:

Constant Field Values

HTML_ESCAPE_CONTEXT_PARAM

public static final java.lang.String HTML_ESCAPE_CONTEXT_PARAM

HTML escape parameter at the servlet context level (i.e. a context-param in web.xml): "defaultHtmlEscape".

See Also:

Constant Field Values

RESPONSE_ENCODED_HTML_ESCAPE_CONTEXT_PARAM

public static final java.lang.String RESPONSE_ENCODED_HTML_ESCAPE_CONTEXT_PARAM

Use of response encoding for HTML escaping parameter at the servlet context level (i.e. a context-param in web.xml): "responseEncodedHtmlEscape".

Since:

4.1.2

See Also:

Constant Field Values

WEB_APP_ROOT_KEY_PARAM

public static final java.lang.String WEB_APP_ROOT_KEY_PARAM

Web app root key parameter at the servlet context level (i.e. a context-param in web.xml): "webAppRootKey".

See Also:

Constant Field Values

DEFAULT_WEB_APP_ROOT_KEY

public static final java.lang.String DEFAULT_WEB_APP_ROOT_KEY

Default web app root key: "webapp.root"

See Also:

Constant Field Values

SUBMIT_IMAGE_SUFFIXES

public static final java.lang.String[] SUBMIT_IMAGE_SUFFIXES

Name suffixes in case of image buttons

SESSION_MUTEX_ATTRIBUTE

public static final java.lang.String SESSION_MUTEX_ATTRIBUTE

Key for the mutex session attribute

Constructor Detail

WebUtils

public WebUtils()

Method Detail

setWebAppRootSystemProperty

public static void setWebAppRootSystemProperty(ServletContext servletContext)
                                        throws java.lang.IllegalStateException

Set a system property to the web application root directory. The key of the system property can be defined with the "webAppRootKey" context-param in web.xml. Default is "webapp.root".

Can be used for tools that support substitution with System.getProperty values, like log4j's "${key}" syntax within log file locations.

Parameters:

servletContext - the servlet context of the web application

Throws:

java.lang.IllegalStateException - if the system property is already set, or if the WAR file is not expanded

See Also:

WEB_APP_ROOT_KEY_PARAM, DEFAULT_WEB_APP_ROOT_KEY, WebAppRootListener, Log4jWebConfigurer

removeWebAppRootSystemProperty

public static void removeWebAppRootSystemProperty(ServletContext servletContext)

Remove the system property that points to the web app root directory. To be called on shutdown of the web application.

Parameters:

servletContext - the servlet context of the web application

See Also:

setWebAppRootSystemProperty(javax.servlet.ServletContext)

isDefaultHtmlEscape

@Deprecated
public static boolean isDefaultHtmlEscape(ServletContext servletContext)

Deprecated. as of Spring 4.1, in favor of getDefaultHtmlEscape(javax.servlet.ServletContext)

Return whether default HTML escaping is enabled for the web application, i.e. the value of the "defaultHtmlEscape" context-param in web.xml (if any). Falls back to false in case of no explicit default given.

Parameters:

servletContext - the servlet context of the web application

Returns:

whether default HTML escaping is enabled (default is false)

getDefaultHtmlEscape

public static java.lang.Boolean getDefaultHtmlEscape(ServletContext servletContext)

Return whether default HTML escaping is enabled for the web application, i.e. the value of the "defaultHtmlEscape" context-param in web.xml (if any).

This method differentiates between no param specified at all and an actual boolean value specified, allowing to have a context-specific default in case of no setting at the global level.

Parameters:

servletContext - the servlet context of the web application

Returns:

whether default HTML escaping is enabled for the given application (null = no explicit default)

getResponseEncodedHtmlEscape

public static java.lang.Boolean getResponseEncodedHtmlEscape(ServletContext servletContext)

Return whether response encoding should be used when HTML escaping characters, thus only escaping XML markup significant characters with UTF-* encodings. This option is enabled for the web application with a ServletContext param, i.e. the value of the "responseEncodedHtmlEscape" context-param in web.xml (if any).

This method differentiates between no param specified at all and an actual boolean value specified, allowing to have a context-specific default in case of no setting at the global level.

Parameters:

servletContext - the servlet context of the web application

Returns:

whether response encoding is to be used for HTML escaping (null = no explicit default)

Since:

4.1.2

getTempDir

public static java.io.File getTempDir(ServletContext servletContext)

Return the temporary directory for the current web application, as provided by the servlet container.

Parameters:

servletContext - the servlet context of the web application

Returns:

the File representing the temporary directory

getRealPath

public static java.lang.String getRealPath(ServletContext servletContext,
                                           java.lang.String path)
                                    throws java.io.FileNotFoundException

Return the real path of the given path within the web application, as provided by the servlet container.

Prepends a slash if the path does not already start with a slash, and throws a FileNotFoundException if the path cannot be resolved to a resource (in contrast to ServletContext's getRealPath, which returns null).

Parameters:

servletContext - the servlet context of the web application

path - the path within the web application

Returns:

the corresponding real path

Throws:

java.io.FileNotFoundException - if the path cannot be resolved to a resource

See Also:

ServletContext.getRealPath(java.lang.String)

getSessionId

public static java.lang.String getSessionId(HttpServletRequest request)

Determine the session id of the given request, if any.

Parameters:

request - current HTTP request

Returns:

the session id, or null if none

getSessionAttribute

public static java.lang.Object getSessionAttribute(HttpServletRequest request,
                                                   java.lang.String name)

Check the given request for a session attribute of the given name. Returns null if there is no session or if the session has no such attribute. Does not create a new session if none has existed before!

Parameters:

request - current HTTP request

name - the name of the session attribute

Returns:

the value of the session attribute, or null if not found

getRequiredSessionAttribute

public static java.lang.Object getRequiredSessionAttribute(HttpServletRequest request,
                                                           java.lang.String name)
                                                    throws java.lang.IllegalStateException

Check the given request for a session attribute of the given name. Throws an exception if there is no session or if the session has no such attribute. Does not create a new session if none has existed before!

Parameters:

request - current HTTP request

name - the name of the session attribute

Returns:

the value of the session attribute, or null if not found

Throws:

java.lang.IllegalStateException - if the session attribute could not be found

setSessionAttribute

public static void setSessionAttribute(HttpServletRequest request,
                                       java.lang.String name,
                                       java.lang.Object value)

Set the session attribute with the given name to the given value. Removes the session attribute if value is null, if a session existed at all. Does not create a new session if not necessary!

Parameters:

request - current HTTP request

name - the name of the session attribute

value - the value of the session attribute

getOrCreateSessionAttribute

@Deprecated
public static java.lang.Object getOrCreateSessionAttribute(HttpSession session,
                                                                       java.lang.String name,
                                                                       java.lang.Class<?> clazz)
                                                                throws java.lang.IllegalArgumentException

Deprecated. as of Spring 4.3.2, in favor of custom code for such purposes

Get the specified session attribute, creating and setting a new attribute if no existing found. The given class needs to have a public no-arg constructor. Useful for on-demand state objects in a web tier, like shopping carts.

Parameters:

session - current HTTP session

name - the name of the session attribute

clazz - the class to instantiate for a new attribute

Returns:

the value of the session attribute, newly created if not found

Throws:

java.lang.IllegalArgumentException - if the session attribute could not be instantiated

getSessionMutex

public static java.lang.Object getSessionMutex(HttpSession session)

Return the best available mutex for the given session: that is, an object to synchronize on for the given session.

Returns the session mutex attribute if available; usually, this means that the HttpSessionMutexListener needs to be defined in web.xml. Falls back to the HttpSession itself if no mutex attribute found.

The session mutex is guaranteed to be the same object during the entire lifetime of the session, available under the key defined by the SESSION_MUTEX_ATTRIBUTE constant. It serves as a safe reference to synchronize on for locking on the current session.

In many cases, the HttpSession reference itself is a safe mutex as well, since it will always be the same object reference for the same active logical session. However, this is not guaranteed across different servlet containers; the only 100% safe way is a session mutex.

Parameters:

session - the HttpSession to find a mutex for

Returns:

the mutex object (never null)

See Also:

SESSION_MUTEX_ATTRIBUTE, HttpSessionMutexListener

getNativeRequest

public static <T> T getNativeRequest(ServletRequest request,
                                     java.lang.Class<T> requiredType)

Return an appropriate request object of the specified type, if available, unwrapping the given request as far as necessary.

Parameters:

request - the servlet request to introspect

requiredType - the desired type of request object

Returns:

the matching request object, or null if none of that type is available

getNativeResponse

public static <T> T getNativeResponse(ServletResponse response,
                                      java.lang.Class<T> requiredType)

Return an appropriate response object of the specified type, if available, unwrapping the given response as far as necessary.

Parameters:

response - the servlet response to introspect

requiredType - the desired type of response object

Returns:

the matching response object, or null if none of that type is available

isIncludeRequest

public static boolean isIncludeRequest(ServletRequest request)

Determine whether the given request is an include request, that is, not a top-level HTTP request coming in from the outside.

Checks the presence of the "javax.servlet.include.request_uri" request attribute. Could check any request attribute that is only present in an include request.

Parameters:

request - current servlet request

Returns:

whether the given request is an include request

exposeErrorRequestAttributes

public static void exposeErrorRequestAttributes(HttpServletRequest request,
                                                java.lang.Throwable ex,
                                                java.lang.String servletName)

Expose the Servlet spec's error attributes as HttpServletRequest attributes under the keys defined in the Servlet 2.3 specification, for error pages that are rendered directly rather than through the Servlet container's error page resolution: javax.servlet.error.status_code, javax.servlet.error.exception_type, javax.servlet.error.message, javax.servlet.error.exception, javax.servlet.error.request_uri, javax.servlet.error.servlet_name.

Does not override values if already present, to respect attribute values that have been exposed explicitly before.

Exposes status code 200 by default. Set the "javax.servlet.error.status_code" attribute explicitly (before or after) in order to expose a different status code.

Parameters:

request - current servlet request

ex - the exception encountered

servletName - the name of the offending servlet

clearErrorRequestAttributes

public static void clearErrorRequestAttributes(HttpServletRequest request)

Clear the Servlet spec's error attributes as HttpServletRequest attributes under the keys defined in the Servlet 2.3 specification: javax.servlet.error.status_code, javax.servlet.error.exception_type, javax.servlet.error.message, javax.servlet.error.exception, javax.servlet.error.request_uri, javax.servlet.error.servlet_name.

Parameters:

request - current servlet request

exposeRequestAttributes

@Deprecated
public static void exposeRequestAttributes(ServletRequest request,
                                                       java.util.Map<java.lang.String,?> attributes)

Deprecated. as of Spring 4.3.2, in favor of custom code for such purposes

Expose the given Map as request attributes, using the keys as attribute names and the values as corresponding attribute values. Keys need to be Strings.

Parameters:

request - current HTTP request

attributes - the attributes Map

getCookie

public static Cookie getCookie(HttpServletRequest request,
                               java.lang.String name)

Retrieve the first cookie with the given name. Note that multiple cookies can have the same name but different paths or domains.

Parameters:

request - current servlet request

name - cookie name

Returns:

the first cookie with the given name, or null if none is found

hasSubmitParameter

public static boolean hasSubmitParameter(ServletRequest request,
                                         java.lang.String name)

Check if a specific input type="submit" parameter was sent in the request, either via a button (directly with name) or via an image (name + ".x" or name + ".y").

Parameters:

request - current HTTP request

name - name of the parameter

Returns:

if the parameter was sent

See Also:

SUBMIT_IMAGE_SUFFIXES

findParameterValue

public static java.lang.String findParameterValue(ServletRequest request,
                                                  java.lang.String name)

Obtain a named parameter from the given request parameters.

See findParameterValue(java.util.Map, String) for a description of the lookup algorithm.

Parameters:

request - current HTTP request

name - the logical name of the request parameter

Returns:

the value of the parameter, or null if the parameter does not exist in given request

findParameterValue

public static java.lang.String findParameterValue(java.util.Map<java.lang.String,?> parameters,
                                                  java.lang.String name)

Obtain a named parameter from the given request parameters.

This method will try to obtain a parameter value using the following algorithm:

1. Try to get the parameter value using just the given logical name. This handles parameters of the form logicalName = value. For normal parameters, e.g. submitted using a hidden HTML form field, this will return the requested value.
2. Try to obtain the parameter value from the parameter name, where the parameter name in the request is of the form logicalName_value = xyz with "_" being the configured delimiter. This deals with parameter values submitted using an HTML form submit button.
3. If the value obtained in the previous step has a ".x" or ".y" suffix, remove that. This handles cases where the value was submitted using an HTML form image button. In this case the parameter in the request would actually be of the form logicalName_value.x = 123.

Parameters:

parameters - the available parameter map

name - the logical name of the request parameter

Returns:

the value of the parameter, or null if the parameter does not exist in given request

getParametersStartingWith

public static java.util.Map<java.lang.String,java.lang.Object> getParametersStartingWith(ServletRequest request,
                                                                                         java.lang.String prefix)

Return a map containing all parameters with the given prefix. Maps single values to String and multiple values to String array.

For example, with a prefix of "spring_", "spring_param1" and "spring_param2" result in a Map with "param1" and "param2" as keys.

Parameters:

request - HTTP request in which to look for parameters

prefix - the beginning of parameter names (if this is null or the empty string, all parameters will match)

Returns:

map containing request parameters without the prefix, containing either a String or a String array as values

See Also:

ServletRequest.getParameterNames(), ServletRequest.getParameterValues(java.lang.String), ServletRequest.getParameterMap()

getTargetPage

@Deprecated
public static int getTargetPage(ServletRequest request,
                                            java.lang.String paramPrefix,
                                            int currentPage)

Deprecated. as of Spring 4.3.2, in favor of custom code for such purposes

Return the target page specified in the request.

Parameters:

request - current servlet request

paramPrefix - the parameter prefix to check for (e.g. "_target" for parameters like "_target1" or "_target2")

currentPage - the current page, to be returned as fallback if no target page specified

Returns:

the page specified in the request, or current page if not found

extractFilenameFromUrlPath

@Deprecated
public static java.lang.String extractFilenameFromUrlPath(java.lang.String urlPath)

Deprecated. as of Spring 4.3.2, in favor of custom code for such purposes

Extract the URL filename from the given request URL path. Correctly resolves nested paths such as "/products/view.html" as well.

Parameters:

urlPath - the request URL path (e.g. "/index.html")

Returns:

the extracted URI filename (e.g. "index")

extractFullFilenameFromUrlPath

@Deprecated
public static java.lang.String extractFullFilenameFromUrlPath(java.lang.String urlPath)

Deprecated. as of Spring 4.3.2, in favor of custom code for such purposes (or UriUtils.extractFileExtension(java.lang.String) for the file extension use case)

Extract the full URL filename (including file extension) from the given request URL path. Correctly resolve nested paths such as "/products/view.html" and remove any path and or query parameters.

Parameters:

urlPath - the request URL path (e.g. "/products/index.html")

Returns:

the extracted URI filename (e.g. "index.html")

parseMatrixVariables

public static MultiValueMap<java.lang.String,java.lang.String> parseMatrixVariables(java.lang.String matrixVariables)

Parse the given string with matrix variables. An example string would look like this "q1=a;q1=b;q2=a,b,c". The resulting map would contain keys "q1" and "q2" with values ["a","b"] and ["a","b","c"] respectively.

Parameters:

matrixVariables - the unparsed matrix variables string

Returns:

a map with matrix variable names and values (never null)

Since:

3.2

isValidOrigin

public static boolean isValidOrigin(HttpRequest request,
                                    java.util.Collection<java.lang.String> allowedOrigins)

Check the given request origin against a list of allowed origins. A list containing "*" means that all origins are allowed. An empty list means only same origin is allowed.

Note: this method may use values from "Forwarded" (RFC 7239), "X-Forwarded-Host", "X-Forwarded-Port", and "X-Forwarded-Proto" headers, if present, in order to reflect the client-originated address. Consider using the ForwardedHeaderFilter in order to choose from a central place whether to extract and use, or to discard such headers. See the Spring Framework reference for more on this filter.

Returns:

true if the request origin is valid, false otherwise

Since:

4.1.5

See Also:

RFC 6454: The Web Origin Concept

isSameOrigin

public static boolean isSameOrigin(HttpRequest request)

Check if the request is a same-origin one, based on Origin, Host, Forwarded, X-Forwarded-Proto, X-Forwarded-Host and

Returns:

true if the request is a same-origin one, false in case of cross-origin request

Since:

4.2