MvcConfig: remove temporary workaround for CVE-2016-5007.

No functional changes.

Author: php-coder

src/main/java/ru/mystamps/web/config/MvcConfig.java

@@ -26,7 +26,6 @@
 import org.springframework.context.support.ReloadableResourceBundleMessageSource;
 import org.springframework.format.FormatterRegistry;
 import org.springframework.scheduling.annotation.EnableScheduling;
-import org.springframework.util.AntPathMatcher;
 import org.springframework.validation.Validator;
 import org.springframework.validation.beanvalidation.LocalValidatorFactoryBean;
 import org.springframework.web.method.support.HandlerMethodArgumentResolver;
@@ -120,13 +119,6 @@ public void addInterceptors(InterceptorRegistry registry) {
 
 	@Override
 	public void configurePathMatch(PathMatchConfigurer configurer) {
-		// This is a temporary guard against CVE-2016-5007.
-		// Should be removed after upgrading to Spring MVC 4.3.1+ and Spring Security 4.1.1+.
-		// See also: http://pivotal.io/security/cve-2016-5007
-		AntPathMatcher pathMatcher = new AntPathMatcher();
-		pathMatcher.setTrimTokens(false);
-		configurer.setPathMatcher(pathMatcher);
-		
 		// If enabled a method mapped to "/users" also matches to "/users/"
 		configurer.setUseTrailingSlashMatch(false);
 		// If enabled a method mapped to "/users" also matches to "/users.*"