Spring MVC 请求映射明确禁止参数 [英] Spring MVC request mapping explicitly disallowing parameters
问题描述
我遇到了 Spring (3.1) 映射难题:我有一个简单的 findAll 方法:
I'm running into a Spring (3.1) mapping conundrum: I have a simple, findAll method:
@RequestMapping( method = RequestMethod.GET )
@ResponseBody
public List< User > findAll(){
return findAllInternal();
}
这映射到以下 URI(很好):/user
.
This maps on the following URI (which is good): /user
.
但是它也映射到:/user?bla=8
,这并不好.
However it also maps on: /user?bla=8
, which is not good.
有没有办法明确指定这个特定映射不包含参数的事实?我试图在 @RequestMapping
中指定 params
但我看不到这样做的明确方法.
Is there a way to explicitly specify the fact that this particular mapping contains no parameters?
I have tried to specify the params
in the @RequestMapping
but I can see no clear way of doing this.
感谢任何帮助.
谢谢.欧根.
推荐答案
您可以否定 @RequestMapping.param
属性中的参数.
You can negate parameters in @RequestMapping.param
attribute.
@RequestMapping( method = RequestMethod.GET, params = "!bla")
从 spring 3.1 开始,您不能明确禁止请求具有参数.
As of spring 3.1 you can't explicitly disallow request to have parameters.
但说实话,很少有必要这样做.
But to be honest it's rarely necessary.
三个用例:
bla
是一个已知参数,您可以明确允许/禁止.bla
是未知参数,可以忽略.- 您想以特殊方式处理带有未知参数的请求(例如抛出错误).
bla
is a known parameter that you can explicitly allow/disallow.bla
is unknown parameter and can be ignored.- you want to handle requests with unknown parameters in a special way (throw an error for example).
前两个可以在spring mvc中完成.第三个,AFAIK,不能.
The first two can be done in spring mvc. The third one, AFAIK, can't.
第三个选项也有潜在危险,因为您必须非常小心客户端可以发送到您的服务器的参数(例如安全框架添加的内容等).
The third option is also potentially dangerous as you'd have to be really careful about the parameters the clients can send to your sever (like stuff added by security frameworks, etc).
这篇关于Spring MVC 请求映射明确禁止参数的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!