001/* 002 * Copyright 2002-2018 the original author or authors. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * https://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 */ 016 017package org.springframework.http.converter.json; 018 019import java.io.IOException; 020 021import com.fasterxml.jackson.core.JsonGenerator; 022import com.fasterxml.jackson.databind.ObjectMapper; 023 024import org.springframework.http.MediaType; 025import org.springframework.lang.Nullable; 026 027/** 028 * Implementation of {@link org.springframework.http.converter.HttpMessageConverter} that can read and 029 * write JSON using <a href="https://github.com/FasterXML/jackson">Jackson 2.x's</a> {@link ObjectMapper}. 030 * 031 * <p>This converter can be used to bind to typed beans, or untyped {@code HashMap} instances. 032 * 033 * <p>By default, this converter supports {@code application/json} and {@code application/*+json} 034 * with {@code UTF-8} character set. This can be overridden by setting the 035 * {@link #setSupportedMediaTypes supportedMediaTypes} property. 036 * 037 * <p>The default constructor uses the default configuration provided by {@link Jackson2ObjectMapperBuilder}. 038 * 039 * <p>Compatible with Jackson 2.9 and higher, as of Spring 5.0. 040 * 041 * @author Arjen Poutsma 042 * @author Keith Donald 043 * @author Rossen Stoyanchev 044 * @author Juergen Hoeller 045 * @author Sebastien Deleuze 046 * @since 3.1.2 047 */ 048public class MappingJackson2HttpMessageConverter extends AbstractJackson2HttpMessageConverter { 049 050 @Nullable 051 private String jsonPrefix; 052 053 054 /** 055 * Construct a new {@link MappingJackson2HttpMessageConverter} using default configuration 056 * provided by {@link Jackson2ObjectMapperBuilder}. 057 */ 058 public MappingJackson2HttpMessageConverter() { 059 this(Jackson2ObjectMapperBuilder.json().build()); 060 } 061 062 /** 063 * Construct a new {@link MappingJackson2HttpMessageConverter} with a custom {@link ObjectMapper}. 064 * You can use {@link Jackson2ObjectMapperBuilder} to build it easily. 065 * @see Jackson2ObjectMapperBuilder#json() 066 */ 067 public MappingJackson2HttpMessageConverter(ObjectMapper objectMapper) { 068 super(objectMapper, MediaType.APPLICATION_JSON, new MediaType("application", "*+json")); 069 } 070 071 072 /** 073 * Specify a custom prefix to use for this view's JSON output. 074 * Default is none. 075 * @see #setPrefixJson 076 */ 077 public void setJsonPrefix(String jsonPrefix) { 078 this.jsonPrefix = jsonPrefix; 079 } 080 081 /** 082 * Indicate whether the JSON output by this view should be prefixed with ")]}', ". Default is false. 083 * <p>Prefixing the JSON string in this manner is used to help prevent JSON Hijacking. 084 * The prefix renders the string syntactically invalid as a script so that it cannot be hijacked. 085 * This prefix should be stripped before parsing the string as JSON. 086 * @see #setJsonPrefix 087 */ 088 public void setPrefixJson(boolean prefixJson) { 089 this.jsonPrefix = (prefixJson ? ")]}', " : null); 090 } 091 092 093 @Override 094 protected void writePrefix(JsonGenerator generator, Object object) throws IOException { 095 if (this.jsonPrefix != null) { 096 generator.writeRaw(this.jsonPrefix); 097 } 098 } 099 100}