public class SaferObjectInputStream
extends java.io.ObjectInputStream
Modifier and Type | Field and Description |
---|---|
static java.util.Set<java.lang.Class<?>> |
DEFAULT_WHITELIST
Default whitelist accepts strings, dates, numbers
|
baseWireHandle, PROTOCOL_VERSION_1, PROTOCOL_VERSION_2, SC_BLOCK_DATA, SC_ENUM, SC_EXTERNALIZABLE, SC_SERIALIZABLE, SC_WRITE_METHOD, STREAM_MAGIC, STREAM_VERSION, SUBCLASS_IMPLEMENTATION_PERMISSION, SUBSTITUTION_PERMISSION, TC_ARRAY, TC_BASE, TC_BLOCKDATA, TC_BLOCKDATALONG, TC_CLASS, TC_CLASSDESC, TC_ENDBLOCKDATA, TC_ENUM, TC_EXCEPTION, TC_LONGSTRING, TC_MAX, TC_NULL, TC_OBJECT, TC_PROXYCLASSDESC, TC_REFERENCE, TC_RESET, TC_STRING
Constructor and Description |
---|
SaferObjectInputStream(java.io.InputStream in) |
SaferObjectInputStream(java.io.InputStream in,
java.util.Set<java.lang.Class<?>> whitelist) |
Modifier and Type | Method and Description |
---|---|
protected java.io.ObjectStreamClass |
readClassDescriptor() |
available, close, defaultReadObject, enableResolveObject, read, read, readBoolean, readByte, readChar, readDouble, readFields, readFloat, readFully, readFully, readInt, readLine, readLong, readObject, readObjectOverride, readShort, readStreamHeader, readUnshared, readUnsignedByte, readUnsignedShort, readUTF, registerValidation, resolveClass, resolveObject, resolveProxyClass, skipBytes
public static final java.util.Set<java.lang.Class<?>> DEFAULT_WHITELIST
public SaferObjectInputStream(java.io.InputStream in) throws java.io.IOException
java.io.IOException
public SaferObjectInputStream(java.io.InputStream in, java.util.Set<java.lang.Class<?>> whitelist) throws java.io.IOException
java.io.IOException