Changes since 24.3.3
Fixes
-
Propagate all request parameter to location in eagerServerLoad mode (#18489)
Commit · Pull request · IssueCurrently, when eagerServerLoad is active only parameters from query string are propagated to the route Location. If the Flow view is accessed through a multipart form POST request thg form values are suppressed. With this change all request parameters are propagated to the view location object.
-
Remove fallback middleware also after Vite restart (#18455)
Commit · Pull requestThe existing hacky way of removing the middleware has two issues: 1. It removes it AFTER the first request to a non-existing file so the first request for a non-existing resources index.html and subsequent requests return 404 2. It does not work with Vite 4.0.5+ after restart, see vitejs/vite#15589
-
Remove Lazy annotation from Flow security beans (#18463)
Commit · Pull request · IssueFor parameters with Lazy annotation, Spring generates a not-serializable proxy. Since some security beans are used inside Flow listeners, they should be fully serializable (or defined transient, if possible). This change removes the unnecessary Lazy annotaions, moving the lazy evaluation to VaadinWebSecurity. ---------
-
Fix static resource retrieval with Jetty 12 (#18471)
Commit · Pull request · IssueWith Jetty 12, static resources retrieved via servlet context's
getResource(String)may return non-null URL for non-existing resource. Jetty 11 returns null for non-existing resource. This change adds a double check for the static resource retrieved with the getResource, and returns null if it doesn't exist, to keep other parts work the same way as with Jetty 11. -
Abort resource handling if dev server resource handling fails (#18484)
Commit · Pull request · IssueIf the failure comes from writing to the original request (e.g. because client has closed/aborted the connection), then we cannot continue trying to write another response to it. If the failure comes from the connection to the Vite server, we still don't know if it would have served a resource or not so we should abort. Does not fix the underlying cause for the connection being aborted though but #17995 does not have information about that
-
Refresh dev-tools token on server restart (#18467)
Commit · Pull request · IssueWhen the server restarts, a new dev-tools token is generated and the dev-tools websocket reconnection attempts fail because the server does not validate the old token. This change checks if the token provided by the client was formerly provided by the server, and in that case, forces the client to reconnect with a refreshed token.
-
Prevent dev-tools connection to downgrade to streaming transport (#18447)
Commit · Pull request · IssuePushHandler expects that dev-tools connection to always use websocket transport. However, in case of client reconnection, atmosphere after a couple of attempts downgrades the transport to 'streaming', causing PushHandler to treat the connection as a Flow UI Push connection. This change set 'websocket' also as atmospehere fallback transport, so all reconnection attempts will use the expected transport.
-
Replace 'blacklist' and 'whitelist' with 'blocked' and 'allowed' (#18405)
Commit · Pull request · IssueMark the existing methods as deprecated and introduce methods with new names. Fall back to the old configuration properties if the new ones aren't used.