WebDataBinder.setDisallowedFields 是否可以与 @RequestBody 一起使用?
之前已经提出过这个问题,但答案相互矛盾。
Here据说它有效,但是here以及更多的地方据说它不起作用。
我在Spring 3和4中尝试过,发现它不起作用。也许这需要一些额外的设置?
示例代码:
@RestController
public class TestController {
@InitBinder
public void initBinder(WebDataBinder binder) {
binder.setDisallowedFields("name");
}
@RequestMapping(value = "/", method = RequestMethod.POST,
produces = MediaType.APPLICATION_JSON_VALUE,
consumes = MediaType.APPLICATION_JSON_VALUE)
@ResponseBody
public Response add(@RequestBody Request request) {
return new Response("added name: " + request.name + ", surname: " + request.surname);
}
public static class Request {
String name, surname;
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public String getSurname() {
return surname;
}
public void setSurname(String surname) {
this.surname = surname;
}
}
public static class Response {
final String message;
Response(String message) {
this.message = message;
}
public String getMessage() {
return message;
}
}
}