AntPathMatcher通配符規則

本文轉載自查看原文 2020-03-24 15:18 1333 spring/ 規則/ CSRF/ 通配符/ AntPathMatcher

AntPathMatcher通配符規則

官方文檔：https://docs.spring.io/spring-framework/docs/current/javadoc-api/org/springframework/util/AntPathMatcher.html

官方示例：

The mapping matches URLs using the following rules:

? matches one character
* matches zero or more characters
** matches zero or more directories in a path
{spring:[a-z]+} matches the regexp [a-z]+ as a path variable named "spring"

Examples

com/t?st.jsp — matches com/test.jsp but also com/tast.jsp or com/txst.jsp
com/*.jsp — matches all .jsp files in the com directory
com/**/test.jsp — matches all test.jsp files underneath the com path
org/springframework/**/*.jsp — matches all .jsp files underneath the org/springframework path
org/**/servlet/bla.jsp — matches org/springframework/servlet/bla.jsp but also org/springframework/testing/servlet/bla.jsp and org/servlet/bla.jsp
com/{filename:\\w+}.jsp will match com/test.jsp and assign the value test to the filename variable

Note: a pattern and a path must both be absolute or must both be relative in order for the two to match. Therefore it is recommended that users of this implementation to sanitize patterns in order to prefix them with "/" as it makes sense in the context in which they're used.

Since:: 16.07.2003
Author:: Alef Arendsen, Juergen Hoeller, Rob Harrop, Arjen Poutsma, Rossen Stoyanchev, Sam Brannen

補充示例：

/** — 特殊字符串，匹配所有路徑
** — 特殊字符串，匹配所有路徑
/bla/** — 匹配所有以/bla/開頭的路徑

AntPathRequestMatcher的構造函數

    public AntPathRequestMatcher(String pattern, String httpMethod, boolean caseSensitive, UrlPathHelper urlPathHelper) {
        Assert.hasText(pattern, "Pattern cannot be null or empty");
        this.caseSensitive = caseSensitive;
        if (!pattern.equals("/**") && !pattern.equals("**")) {
            if (pattern.endsWith("/**") && pattern.indexOf(63) == -1 && pattern.indexOf(123) == -1 && pattern.indexOf(125) == -1 && pattern.indexOf("*") == pattern.length() - 2) {
                this.matcher = new AntPathRequestMatcher.SubpathMatcher(pattern.substring(0, pattern.length() - 3), caseSensitive);
            } else {
                this.matcher = new AntPathRequestMatcher.SpringAntMatcher(pattern, caseSensitive);
            }
        } else {
            pattern = "/**";
            this.matcher = null;
        }

        this.pattern = pattern;
        this.httpMethod = StringUtils.hasText(httpMethod) ? HttpMethod.valueOf(httpMethod) : null;
        this.urlPathHelper = urlPathHelper;
    }

對某些路徑放開csrf限制：

對以/outer/開頭的所有路徑放開csrf限制：

public class FactorySecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    public void configure(HttpSecurity http) throws Exception {
        http.httpBasic().disable();
        http.csrf().ignoringAntMatchers("/outer/**")
        .and().authorizeRequests().antMatchers("/**").permitAll();
        super.configure(http);
    }
}

免責聲明！

本站轉載的文章為個人學習借鑒使用，本站對版權不負任何法律責任。如果侵犯了您的隱私權益，請聯系本站郵箱yoyou2525@163.com刪除。

猜您在找 SpringMVC路徑匹配規則AntPathMatcher(轉) Spring之AntPathMatcher Makefile規則③規則語法、依賴、通配符、目錄搜尋、目標 Spring AntPathMatcher Spring之AntPathMatcher 通配符通配符 web.xml中三種通配符及匹配規則 AntPathMatcher做路徑匹配 Spring源碼解析 - AntPathMatcher