Disable suffix pattern matching for Endpoints

Update EndpointHandlerMapping so that setUseSuffixPatternMatch is set
to false. This prevents URLs of the form /beans.json from returning
results and provides another line of defense against RDF attacks.

Fixes gh-4402

Author: philwebb

spring-boot-actuator/src/main/java/org/springframework/boot/actuate/endpoint/mvc/EndpointHandlerMapping.java

@@ -80,6 +80,7 @@ public EndpointHandlerMapping(Collection<? extends MvcEndpoint> endpoints,
 			CorsConfiguration corsConfiguration) {
 		this.endpoints = new HashSet<MvcEndpoint>(endpoints);
 		this.corsConfiguration = corsConfiguration;
+		setUseSuffixPatternMatch(false);
 		// By default the static resource handler mapping is LOWEST_PRECEDENCE - 1
 		// and the RequestMappingHandlerMapping is 0 (we ideally want to be before both)
 		setOrder(-100);