zoukankan      html  css  js  c++  java
  • AntPathMatcher通配符规则

    AntPathMatcher通配符规则

    官方文档:https://docs.spring.io/spring-framework/docs/current/javadoc-api/org/springframework/util/AntPathMatcher.html

    官方示例:

    The mapping matches URLs using the following rules:

    • ? matches one character
    • * matches zero or more characters
    • ** matches zero or more directories in a path
    • {spring:[a-z]+} matches the regexp [a-z]+ as a path variable named "spring"

    Examples

    • com/t?st.jsp — matches com/test.jsp but also com/tast.jsp or com/txst.jsp
    • com/*.jsp — matches all .jsp files in the com directory
    • com/**/test.jsp — matches all test.jsp files underneath the com path
    • org/springframework/**/*.jsp — matches all .jsp files underneath the org/springframework path
    • org/**/servlet/bla.jsp — matches org/springframework/servlet/bla.jsp but also org/springframework/testing/servlet/bla.jsp and org/servlet/bla.jsp
    • com/{filename:\w+}.jsp will match com/test.jsp and assign the value test to the filename variable

    Note: a pattern and a path must both be absolute or must both be relative in order for the two to match. Therefore it is recommended that users of this implementation to sanitize patterns in order to prefix them with "/" as it makes sense in the context in which they're used.

    Since:
    16.07.2003
    Author:
    Alef Arendsen, Juergen Hoeller, Rob Harrop, Arjen Poutsma, Rossen Stoyanchev, Sam Brannen

    补充示例:

    • /** — 特殊字符串,匹配所有路径
    • ** — 特殊字符串,匹配所有路径
    • /bla/**  — 匹配所有以/bla/开头的路径
    AntPathRequestMatcher的构造函数
        public AntPathRequestMatcher(String pattern, String httpMethod, boolean caseSensitive, UrlPathHelper urlPathHelper) {
            Assert.hasText(pattern, "Pattern cannot be null or empty");
            this.caseSensitive = caseSensitive;
            if (!pattern.equals("/**") && !pattern.equals("**")) {
                if (pattern.endsWith("/**") && pattern.indexOf(63) == -1 && pattern.indexOf(123) == -1 && pattern.indexOf(125) == -1 && pattern.indexOf("*") == pattern.length() - 2) {
                    this.matcher = new AntPathRequestMatcher.SubpathMatcher(pattern.substring(0, pattern.length() - 3), caseSensitive);
                } else {
                    this.matcher = new AntPathRequestMatcher.SpringAntMatcher(pattern, caseSensitive);
                }
            } else {
                pattern = "/**";
                this.matcher = null;
            }
    
            this.pattern = pattern;
            this.httpMethod = StringUtils.hasText(httpMethod) ? HttpMethod.valueOf(httpMethod) : null;
            this.urlPathHelper = urlPathHelper;
        }

    对某些路径放开csrf限制:

    对以/outer/开头的所有路径放开csrf限制:

    public class FactorySecurityConfig extends WebSecurityConfigurerAdapter {
        @Override
        public void configure(HttpSecurity http) throws Exception {
            http.httpBasic().disable();
            http.csrf().ignoringAntMatchers("/outer/**")
            .and().authorizeRequests().antMatchers("/**").permitAll();
            super.configure(http);
        }
    }
  • 相关阅读:
    Django学习日记-06新url多对多表添加 编辑操作
    Django学习日记-05Ajax一对多添加 编辑操作
    Django学习日记-04Ajax单表操作编辑部分和js阻止
    Django学习日记-03单表-模态对话框的Ajax和新URL
    Django学习日记-02简单的模板渲染
    都2020年了,还问GET和POST的区别
    以面象对象的思想来操作SQL
    tcp-server--循环为多个客户端提供服务
    socket-udp
    第六周-第06章节-Python3.5-类变量的作用及析构函数
  • 原文地址:https://www.cnblogs.com/crazyghostvon/p/AntPathMatcher.html
Copyright © 2011-2022 走看看