Description
AntPathMatcher and PathPattern support regex expressions but do not use the DOTALL option to ignore newline characters in URL paths. We should enable use of that to make path matching more predictable.
Note that this could create a mismatch in path matching between a security layer and Spring MVC or WebFlux, but such a security layer needs to address issues even more broadly, along the lines of Spring Security's MvcRequestMatcher which guarantees alignment with Spring MVC path matching. In addition, Spring Security's firewall rejects newlines and other problematic characters in URL paths to begin with.
We should also update the documentation to provide guidance around this and for example discourage use of HandlerInterceptor for security, or even a Filter, in favor of Spring Security, or otherwise use a path matching approach similar to that of Spring Security.
This issue is based on a report by @4ra1n.