open class CharacterEncodingFilter : OncePerRequestFilter
Servlet Filter that allows one to specify a character encoding for requests. This is useful because current browsers typically do not set a character encoding even if specified in the HTML page or form.
This filter can either apply its encoding if the request does not already specify an encoding, or enforce this filter's encoding in any case ("forceEncoding"="true"). In the latter case, the encoding will also be applied as default response encoding (although this will usually be overridden by a full content type set in the view).
open class CommonsRequestLoggingFilter : AbstractRequestLoggingFilter
Simple request logging filter that writes the request URI (and optionally the query string) to the Commons Log.
open class CompositeFilter : Filter
A generic composite servlet Filter that just delegates its behavior to a chain (list) of user-supplied filters, achieving the functionality of a FilterChain, but conveniently using only Filter instances.
This is useful for filters that require dependency injection, and can therefore be set up in a Spring application context. Typically, this composite would be used in conjunction with DelegatingFilterProxy, so that it can be declared in Spring but applied to a servlet context.
open class CorsFilter : OncePerRequestFilter
javax.servlet.Filter that handles CORS preflight requests and intercepts CORS simple and actual requests thanks to a CorsProcessor implementation (DefaultCorsProcessor by default) in order to add the relevant CORS response headers (like
This is an alternative to Spring MVC Java config and XML namespace CORS configuration, useful for applications depending only on spring-web (not on spring-webmvc) or for security constraints requiring CORS checks to be performed at javax.servlet.Filter level.
This filter could be used in conjunction with DelegatingFilterProxy in order to help with its initialization.
open class DelegatingFilterProxy : GenericFilterBean
Proxy for a standard Servlet Filter, delegating to a Spring-managed bean that implements the Filter interface. Supports a "targetBeanName" filter init-param in
This approach is particularly useful for Filter implementation with complex setup needs, allowing to apply the full Spring bean definition machinery to Filter instances. Alternatively, consider standard Filter setup in combination with looking up service beans from the Spring root application context.
NOTE: The lifecycle methods defined by the Servlet Filter interface will by default not be delegated to the target bean, relying on the Spring application context to manage the lifecycle of that bean. Specifying the "targetFilterLifecycle" filter init-param as "true" will enforce invocation of the
As of Spring 3.1,
This class was originally inspired by Spring Security's
open class ForwardedHeaderFilter : OncePerRequestFilter
Extract values from "Forwarded" and "X-Forwarded-*" headers in order to wrap and override the following from the request and response:
Note: This filter can also be used in a
open class HiddenHttpMethodFilter : OncePerRequestFilter
javax.servlet.Filter that converts posted method parameters into HTTP methods, retrievable via
The name of the request parameter defaults to
NOTE: This filter needs to run after multipart processing in case of a multipart POST request, due to its inherent need for checking a POST body parameter. So typically, put a Spring org.springframework.web.multipart.support.MultipartFilter before this HiddenHttpMethodFilter in your
open class HttpPutFormContentFilter : OncePerRequestFilter
javax.servlet.Filter that makes form encoded data available through the
The Servlet spec requires form data to be available for HTTP POST but not for HTTP PUT or PATCH requests. This filter intercepts HTTP PUT and PATCH requests where content type is
open class RelativeRedirectFilter : OncePerRequestFilter
Note: While relative redirects are more efficient they may not work with reverse proxies under some configurations.
open class RequestContextFilter : OncePerRequestFilter
Servlet Filter that exposes the request to the current thread, through both org.springframework.context.i18n.LocaleContextHolder and RequestContextHolder. To be registered as filter in
Alternatively, Spring's org.springframework.web.context.request.RequestContextListener and Spring's org.springframework.web.servlet.DispatcherServlet also expose the same request context to the current thread.
This filter is mainly for use with third-party servlets, e.g. the JSF FacesServlet. Within Spring's own web support, DispatcherServlet's processing is perfectly sufficient.
open class ServletContextRequestLoggingFilter : AbstractRequestLoggingFilter
Simple request logging filter that writes the request URI (and optionally the query string) to the ServletContext log.
open class ShallowEtagHeaderFilter : OncePerRequestFilter
javax.servlet.Filter that generates an
Since the ETag is based on the response content, the response (e.g. a org.springframework.web.servlet.View) is still rendered. As such, this filter only saves bandwidth, not server performance.
NOTE: As of Spring Framework 5.0, this filter uses request/response decorators built on the Servlet 3.1 API.