0

I am using grails 3.3.8 and by default suffix pattern matching is enabled. This means that a handler with /xyz will also be mapped with /xyz.abc or /xyz.abc.test etc.

We can disable the suffix pattern match in spring as described in https://docs.spring.io/spring/docs/current/spring-framework-reference/web.html#mvc-ann-requestmapping-suffix-pattern-match

Please help me to disable this in grails.

Vishnu Vasudevan
  • 76
  • 1
  • 3
  • If you have a mapping like `"/abc(.$someIgnoredSuffix)?"(controller: 'alpha')` that will match `/abc` and `/abc.def`. Is that what you want? – Jeff Scott Brown Oct 21 '19 at 19:00
  • No I want /abc.def to be treated as different url. Don't want to match with /abc – Vishnu Vasudevan Oct 21 '19 at 19:30
  • https://stackoverflow.com/questions/52457572/how-to-configure-spring-mvc-to-prevent-path-based-vulnerability need to something similar in groovy – Vishnu Vasudevan Oct 21 '19 at 19:31
  • That is what you get by default. If you have a mapping like `"/abc"(controller: 'demo')`, that will not match a request to `/abc.def`. – Jeff Scott Brown Oct 21 '19 at 19:48
  • Right now my grails application shows the same page for /login and /login.xxx , Need a way to disable this. – Vishnu Vasudevan Oct 22 '19 at 09:37
  • "Right now my grails application shows the same page for /login and /login.xxx" - What mapping do you have which is matching `/login.xxx`? – Jeff Scott Brown Oct 22 '19 at 15:09
  • 1
    If you have the default url mapping in place which includes the `(.$format)` suffix, and you have a controller named `LoginController`, then I would expect `/login.xxx` to match. If that isn't what you wan't, then you don't want to have a mapping like that in place. – Jeff Scott Brown Oct 22 '19 at 15:10
  • @JeffScottBrown Thanks for the help. I have removed (.$format) suffix from UrlMapping and it works as I want. – Vishnu Vasudevan Oct 25 '19 at 06:24

1 Answers1

0

If you have the default url mapping in place which includes the (.$format) suffix, and you have a controller named LoginController, then I would expect /login.xxx to match. If that isn't what you want, then you don't want to have a mapping like that in place.

marc_s
  • 732,580
  • 175
  • 1,330
  • 1,459
Jeff Scott Brown
  • 26,804
  • 2
  • 30
  • 47