Package com.inductiveautomation.ignition.common.rpc.proto

Class ObjectSerializers

java.lang.Object
com.inductiveautomation.ignition.common.rpc.proto.ObjectSerializers
public final class ObjectSerializers extends Object

  • Field Details

    • UNSAFE_OBJECT

      public static final ObjectSerializers.UnsafeObjectProtoSerializer<Object> UNSAFE_OBJECT
      DO NOT USE UNLESS LAST RESORT!
      This uses default java serialization. the only time this should ever be done is if we have basically no way to know what the object is or is going to be so we have no other choice. The forSafeObject(Class, Class[]) variation should be used whenever possible (which means we have already given up on using GSON or protobuf defs due to technical limitations).

      NOTE: This serialization mechanism still uses the ObjectInputFilter which helps prevent typical deserialization attacks.

  • Method Details

    • forSafeObject

      public static <T> ObjectSerializers.SaferObjectProtoSerializer<T> forSafeObject(Class<T> targetClass, Class<?>... safeClasses)
      Creates a new ObjectSerializers.SaferObjectProtoSerializer for the given class. This will use the SaferObjectInputStream and seed it with the default values along with the target class and any additionally provided classes. All other objects will cause deserialization failure

    • forUnsafeObject

      public static <T> ObjectSerializers.UnsafeObjectProtoSerializer<T> forUnsafeObject(Class<T> clazz)
      DO NOT USE UNLESS LAST RESORT!
      This uses default java serialization. the only time this should ever be done is if we have basically no way to know what the object is or is going to be so we have no other choice.

      NOTE: This serialization mechanism still uses the ObjectInputFilter which helps prevent typical deserialization attacks.