Skip to content

Add ability to specify request mapping within @RestController [SPR-17047] #21585

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
spring-projects-issues opened this issue Jul 16, 2018 · 1 comment
Closed

Add ability to specify request mapping within @RestController [SPR-17047] #21585

spring-projects-issues opened this issue Jul 16, 2018 · 1 comment
Labels
in: web Issues in web modules (web, webmvc, webflux, websocket) status: declined A suggestion or change that we don't feel we should currently apply type: enhancement A general enhancement

Comments

@spring-projects-issues
Copy link
Collaborator

spring-projects-issues commented Jul 16, 2018
edited
Loading

Nemykin Roman opened SPR-17047 and commented

Often spring application has rest API and usually we have some controller

@RestController
@RequestMapping("/api/v1")
public class ApiController {
}

It would be greate if we could rewrite it to

@RestController(path = "/api/v1")
public class ApiController {
}

Issue Links:
@spring-projects-issues spring-projects-issues added status: waiting-for-triage An issue we've not yet triaged or decided on type: enhancement A general enhancement in: web Issues in web modules (web, webmvc, webflux, websocket) and removed type: enhancement A general enhancement labels Jan 11, 2019
Closed
@rstoyanchev rstoyanchev mentioned this issue Mar 8, 2019
Closed
@rstoyanchev rstoyanchev mentioned this issue Jul 14, 2020
Closed
@bclozel bclozel added status: declined A suggestion or change that we don't feel we should currently apply type: enhancement A general enhancement and removed status: waiting-for-triage An issue we've not yet triaged or decided on labels Sep 20, 2023
@bclozel
Copy link
Member

bclozel commented Sep 20, 2023

We've had a few similar requests over the years (see all linked issues above), but I'm going to close this and decline this enhancement request.

As seen in #22543, we already improved things because "empty" @RequestMapping declarations can be confusing as they don't restrict in any way which requests are mapped there. If we introduce @RestController(path="...") this means that the default value for that path attribute would be ""; as a result, the controller would be mapped on the root endpoint.

This means that for all existing controllers like this:

@RestController
@RequestMapping("/spring")
public class TestController {

  @GetMapping("/greeting")
  public String hello() {
    return "Hello";
  }
}

In theory, the greeting method would now be mapped for both "/spring/greeting" and "/greeting". This is definitely a security problem and massive upgrade problem for lots of applications out there.

We could somehow work around this case, but this goes against the entire composition logic of mappings we've followed so far and could be considered as a bug for most people.

In light of that, I'm declining this issue.

@bclozel bclozel closed this as not planned Won't fix, can't repro, duplicate, stale Sep 20, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
in: web Issues in web modules (web, webmvc, webflux, websocket) status: declined A suggestion or change that we don't feel we should currently apply type: enhancement A general enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bclozel @spring-projects-issues