-
Notifications
You must be signed in to change notification settings - Fork 37.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
@RequestBody required parameter is ignored allowing null payloads [SPR-13490] #18068
Comments
Brian Clozel commented I couldn't reproduce the issue you're referring to here, using Boot or plain Spring Framework. Here is a repro project that demonstrates that:
Could you take a look at this repro project and your app? Thanks, |
Emanuel Hategan commented I've made a pull request with updated tests: spring-attic/spring-framework-issues#111 What I'm thinking is that it should reject payloads that are "null" not only empty "{}" since the null string is deserialized as null payload. |
Brian Clozel commented I don't think this behavior is a bug, since:
Now for each case:
In my opinion, there are several ways to deal with this - manually checking for null values, using One more thing: your SO question was spot on (sorry if it took me a while to understand the whole context) and I understand your concerns - even if there may be "no problem to solve" strictly in the framework, I'd like to find the best answer for this. Is this |
Emanuel Hategan commented Hi Brian, thank you for looking into this. You are saying "null" is deserialized by Jackson as null, and the Validator is never called on such object and you are right validator is not called in this case. However, I still believe "null" values should be rejected earlier, because of the Interestingly enough, in version 4.2.3.RELEASE the issue is fixed: just replace 4.1.7.RELEASE with 4.2.3.RELEASE in the pom and all tests pass. |
Brian Clozel commented Indeed, this is now fixed. Thanks for the report! |
Issue seems to reappear in springboot 3 |
@fveerden commenting on a 7 year old issue won't help here unfortunately. Could you create a new issue with a sample application showing the problem? |
Emanuel Hategan opened SPR-13490 and commented
When handling a POST request in a
@RestController
, the payload parameter annotated with@RequestBody
can be null, regardless of the value of the required attribute.Payload is JSON (content-type header is included) and deserialization is handled by Jackson.
In case it matters, the project is inheriting from spring-boot-starter-parent version 1.2.5.RELEASE.
Affects: 4.1.7
Reference URL: http://stackoverflow.com/questions/32222099/spring-4-reject-null-requestbody-for-all-endpoints
Issue Links:
Referenced from: commits spring-attic/spring-framework-issues@5bf23a0, spring-attic/spring-framework-issues@c93c892, spring-attic/spring-framework-issues@0319caf
The text was updated successfully, but these errors were encountered: